Just like they do in phishing emails and on fake websites, cybercriminals are now using ads on search engines to impersonate legitimate brands. These fake ads are then used to bring unsuspecting users to malicious sites hosting malware and ransomware.
Back in November, we saw this firsthand when cybercriminals bought ads for the popular Photoshop alternative GIMP on Google Search. While the ad pointed users to ‘GIMP.org’, which is actually the program’s official site, those who clicked it were instead taken to a fake site that infected their computer with the VIDAR info-stealing trojan.
For this reason, the FBI is now recommending that users install one of the best ad blockers for their browser to help protect themselves from fake ads in search results.
Abusing search results to push malware and phishing sites
To abuse search results in their campaigns, cybercriminals purchase ads “using a domain that is similar to an actual business or service,” according to the FBI. Then, when a user searches for that business or service, these fake ads appear at the top of the search results on Google, Bing or other search engines.
Since it has become increasingly difficult to tell the difference between an ad and an actual search result, users often click on the first thing they see instead of scrolling further down the page.
For fake ads impersonating businesses, users are taken to a phishing site which uses the same branding and design as the actual site. Logging in or trying to buy something on one of these sites is an easy way for the cybercriminals behind it to get their hands on your account details.
When it comes to software, though, the fake sites contain a download link that actually delivers malware. Because the download page looks legitimate and the file has the same name as the actual program, users are more likely to install malware or a virus on their computer themselves.
How to protect yourself from malicious ads online
Although ads displayed in search engines are not malicious by nature, you need to be careful when clicking on them as they can easily be hijacked by cybercriminals. This is why the FBI recommends you check the URL to make sure it’s authentic before clicking on any ad you see in search results.
If you know a business or service’s website, you should enter it directly into your browser’s address bar instead of using a search engine to find it. However, you need to be careful that you don’t misspell it as cybercriminals often purchase look-alike domains with the hope that users will accidentally end up on these sites. This is called typosquatting and it’s a very easy way for cybercriminals to get their hands on your credentials or to infect your devices with malware.
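The URL check and the typosquatting risk described above can be automated. The following is an added example, not code from the FBI or from this article: it classifies the host a link actually opens against the official domain. The function names, the two-edit threshold and the sample URLs are assumptions made for illustration; gimp.org is the official domain named earlier.

```python
from urllib.parse import urlsplit

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def to_unicode(label):
    """Decode a punycode (xn--) label so homoglyphs are compared as displayed."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except ValueError:  # malformed punycode: keep the raw label
            return label
    return label

def classify_destination(url, official):
    """Return 'official', 'lookalike' or 'unrelated' for the host a link opens."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    official = official.lower()
    if not host:
        return "unrelated"
    # Text before '@' is userinfo, not the site: the link shows one name
    # and opens another.
    if parts.username and official in parts.username.lower():
        return "lookalike"
    # Exact match or a subdomain of the official domain.
    if host == official or host.endswith("." + official):
        return "official"
    labels = [to_unicode(label) for label in host.split(".")]
    # Assumption: registrable domain = last two labels (no public suffix list).
    registrable = ".".join(labels[-2:])
    if edit_distance(registrable, official) <= 2:  # heuristic threshold
        return "lookalike"
    # Brand label reused inside someone else's domain.
    brand = official.split(".")[0]
    if brand in ".".join(labels).replace("-", ".").split("."):
        return "lookalike"
    return "unrelated"

if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for u in ("https://www.gimp.org/downloads/", "https://glmp.org/"):
        print(u, "->", classify_destination(u, "gimp.org"))
```

A "lookalike" result is a prompt to stop and type the address yourself; short domain names will occasionally produce false positives at this threshold.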
Whether or not you choose to continue clicking on ads that appear in search engines is entirely up to you. However, if you install one of the best antivirus software solutions on your devices, you can rest easy knowing that you won’t be infected by any malware spread by fake ads or websites. Likewise, the best identity theft protection services help keep you safe from fraud, and they can also help you recover your identity if it does get stolen.