Google is the most popular search engine in the world. There are approximately 3.5 billion Google searches performed every day. Yes, you read that right, 3.5 billion. Impressive!
Cybercriminals would love to have access to that many worldwide users. Unfortunately, that recently happened. Some fake ads were able to get past Google's security and trick users into clicking on malicious links.
How fake ads are tricking Google users
What we're talking about is a malvertising campaign that was discovered over the last few days. Malvertising is when fraudulent ads contain malicious links that lead to malware or other scams.
In this case, when anyone searched Google for the retail store Target, a malicious ad was the first result displayed. If you clicked on the ad, instead of being sent to the Target site, you were redirected to a fake webpage set up to look like Microsoft tech support.
The fake tech support message claimed that the victims' gadget had been infected with a Trojan. It displayed a warning not to restart your PC because rebooting may cause data loss and identity theft.
The message also gave a phony tech support phone number for the victim to call. If the victim called the number, the scammer who answered would ask for critical log in data along with sensitive banking information.
Image: Example of fraudulent tech support site. (Source: StackExchange user Browly)
The good news is once Google was notified of this scam, the tech giant removed the ads from its search results. Also, the fraudulent tech support site has been taken down.
The scary thing is the fact that this type of scam was able to slip by Google in the first place. It's a reminder that we constantly need to stay vigilant and always beware of potential scams.
How to stay protected from tech support scams
Here are some suggestions from police on how to protect yourself from fraudulent tech support scams:
- Don't call numbers from pop-up messages.
- Never allow remote access to your computer.
- Always be wary of unsolicited calls. If you're unsure of a caller's identity, hang up.
- Never divulge passwords or PIN codes.
- Microsoft, or someone on their behalf, will never call you about potential tech problems.