I’m a tech expert and my simple Google trick could spare you from bank-raiding disaster

FAKE ads with the same URL as the websites they are copying are running rampant online and they’re impossible to detect until it’s too late, a cybersecurity expert has warned.

To avoid falling into a scam, all tech-savvy users should know one simple hack.

These fake adverts are indistinguishable from real ones

2

This fake advertisement is indistinguishable to the real thingCredit:
Cloaked websites are also often tied to decoy pages

2

Decoy sites and hidden websites often go hand in handCredit:

Since the end of 2013, online’malvertising” has seen a rise.

Scammers will use a trick known as cloaking to mask the real URL of a website in order to promote malware-infected hyperlinks.

In recent times, however, the URLs of these sites have been identical with real and frequently visited websites.

In a report published last week, director of threat intelligence at cybersecurity company Malwarebytes, Jérôme Segura, revealed a malicious malvertising campaign where fraudsters impersonated Amazon on Google Chrome.

Billions of Android and iPhone users warned over 'sinister deep fake AI call'
Google warns all Android users to delete app if they see red flag pop-up

They are difficult to distinguish from the originals.

Segura told Central Recorder that users no longer can trust the very first search result, not even if it is a well-known brand.

“We can’t blame people for clicking on them, especially when ads are being impersonating,” he said.

“Its not their fault.”

He added that the fault was with search engines.

“People, myself included, tend to visit the same websites everyday. Many people use YouTube and Facebook.

The browser is usually Chrome. We type in the name, click the first thing that appears, and then open it.

These days are over.

We have seen ads with malicious content at the very top [of the browser page],” said Segura.

“I’m still a bit puzzled as to why its so easy.

“A lot of the time what I see is those [scam] advertisers are using specific services to do cloaking and that in itself should raise a flag to Google.”

Central Recorder has reached out to Google for a comment.

Malverts aren’t everywhere, and if “you don’t type the URL, you don’t click on an ad, you just click on an organic result from the search engine – that usually works well,” added Segura.

He continued, “But doing this does not make you immune from another fraud known as SEO poisoning where scammers manipulate the search engine in order to get a high ranking on the page.”

Decoy websites and cloaked sites are often linked.

The malicious website will then be launched at other times, perhaps when the target demographic is more active.

Segura has a trick to eliminate any risk associated with clicking on a hidden link.

You can bookmark the website if you are sure that it is a legitimate one.

You will then be able to visit the site in question, regardless of what you find on your search engine.

Alternatively, web users can download a free extension from Malwarebytes called Browser Guard – which is not only an ad blocker but helps the cybersecurity firm maintain a data base of malicious sites.

The infrastructure used by criminals to cloak their identities will be exposed and blocked.

Hacks and tips for your phone and gadgets

I’m a tech expert and my simple Google trick could spare you from bank-raiding disaster

You can find tips and tricks for all your mobile devices. Looking for those hidden features within your social media app? You’re covered.


Your stories are worth money! Do you have a story for Central Recorder Online Tech & Science team?


Latest News

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here