Today, we’re going to talk about something that affects all internet users – online ads that lead to phishing sites. As we all know, Google Ads is one of the most popular advertising platforms that allows businesses to reach their target audiences effectively. However, just like anything else on the internet, there is the possibility of misuse.
For several years now, bad actors online have been purchasing Google Ads that lead to spoofed websites loaded with phishing tools or malware.
A successful campaign can look like this.
- User goes to Google and searches for Facebook.
- The first 3-4 results are phishing ads that redirect to a page that tells them they have malware infection and to call a phone number to have it cleaned up. They call the number and allow the scammers remote access to their computer.
Or like this:
- User goes to Google and searches for Big Box Store.
- The first 3-4 results are phishing ads that redirect to a spoofed website that looks much like the real thing. User proceeds to buy that office item they need, and enter the company credit card details in to the spoofed site. The company card is compromised.
In both scenarios, unsuspecting users believe they are visiting a legitime website, so their guard is down.
In this blog post, we’ll explore this growing concern to help you understand the mechanics behind it and we’ll also discuss ways to protect yourself from these threats.
Understanding Google Ads Redirecting to Phishing Sites
1. What are phishing sites?
2. How does it happen?
The process typically begins when cybercriminals create an ad campaign using Google Ads. They may use various techniques to trick Google’s ad approval process, making their malicious ads appear legitimate. Once the ad is approved and displayed, users who click on it are redirected to a phishing site instead of the expected destination.
These phishing sites often imitate well-known brands or services, making it more likely for users to enter their information, thinking they are on a legitimate website.
Risks and Consequences
Keylogger or Virus Injection
When a user falls victim to one of these phishing sites, and calls the scammers for technical support, allowing them remote access to their computer, they can expose your business to great threat from a keylogger or virus injection.
Compromised Login Credentials & Credit Cards
Users who fall victim to phishing sites can unknowingly provide their personal or the company credit card to cybercriminals. This information can be used for identity theft, fraud, or unauthorized access to accounts.
These phishing ad campaigns can cause financial losses if users provide credit card details on these fake websites. Cybercriminals can exploit it for fraudulent activities.
Reputational Harm or Google Ads Account Fraud
Often, these cyber criminals use legitimate Google Ad accounts of real businesses to run phishing campaigns. They begin by compromising the email and associated Google Ads account of a real business. They then create the phishing campaigns. If Google becomes aware of the fraud, they may shut down the entire account. In the meantime, your organization may experience fraudulent ad charges, your legitimate ads no longer running, client complaints, loss of trust, and other problems associated with having your email and add account compromised.
Protecting Yourself from Google Ads Redirecting to Phishing Sites
Educate Your Team
Bookmark Trusted Sites
If you already know the site you are looking for, skip all ads and sponsored links and go directly to organic results for increased security.
Better yet, save and bookmark the legitimate URL’s of sites you know, use and trust. It’s too easy for URL’s to be spoofed.
Use Caution When Clicking On Sponsored Links and Ads
Report Suspicious Ads
If you come across a suspicious ad on Google, report it. Google takes ad quality seriously and investigates reports of malicious or deceptive ads. You’ll be helping keep everyone on the internet safer, and that’s something to feel good about.
Use Antivirus and EDR On All Staff Computers (or via an RMM)
While antivirus and antimalware software are older tools, they can still help to protect your staff from known viruses that may be embedded on sites.
EDR, or Endpoint Detect & Repair tools are newer cybersecurity apps that work in tandem with antivirus. They can help block fileless threats that antivirus misses.
Neither tool will help if a user visits a phishing site and enters their credit card information, so be sure to apply both layers of security – awareness training and tools.
Neither tool can help if not installed, or not up to date. All company computers need to be patched daily. Your IT company can automate this for you using Remote Monitoring and Management tools, a.k.a. RMM tools.
Use Ad Blockers On All Staff Computers (or via a security policy)
Ad blockers can be very helpful in reducing cyber threats. Try uBlock Origin on your Chrome or Edge browser.
If you have Microsoft InTune enabled, your IT company can deploy this across all computers via a security policy.
There are other ways to filter ads across a physical network. Speak with your trusted IT partners to create a prevention plan for your business.
Are you ready for a great IT management company to take care of your technology needs?
We can help. Since 2003, we have been helping SMB’s in Toronto and Durham Region with all things IT related. Our comprehensive IT services can be tailored to your needs. Best of all, you will never be out of date or caught off guard again, because our skilled technicians will be managing everything for you.
Reach out today. Let’s talk about your techaches and how we can help you.