Vulnerability Management, Threat Intelligence

Novel Microsoft tech support scam involves fraudulent Amazon ad in Google search

BleepingComputer reports that threat actors have launched a Microsoft Defender tech support scam facilitated by a seemingly legitimate Amazon ad found on top of search results in Google. Clicking on the fraudulent ad, which shows the real URL of Amazon, triggers a redirection to a fake Microsoft Defender alert warning of infection with the ads(exe).finacetrack(2).dll malware, with the scam launching in full-screen mode. Closing Google Chrome will not hinder the scam, which prompts the restoration of previously closed pages upon relaunching the browser. Such a campaign comes after a fraudulent YouTube ad was reported by Malwarebytes last June to have been leveraged to facilitate the same tech support scam. Malvertising campaigns involving Google ads have become increasingly prevalent during the past 12 months, with the Royal ransomware operation previously reported to have used Google ads to enable the deployment of Cobalt Strike beacons for initial network access in future ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.