Threat Management, Ransomware, Malware

Cybercriminals using search engine ads to direct users to sites with malware, FBI warns

FBI logo
The FBI is warning the public that cybercriminals are impersonating brands via search engine ad. (Photo by Chip Somodevilla/Getty Images)

The FBI issued a public service announcement warning that cybercriminals are impersonating brands via search engine advertisements to direct users to malicious sites.

According to the Dec. 21 PSA, the sites host ransomware and steal login credentials, and other financial information, particularly for cryptocurrency platforms.

The cybercriminals purchase the ads to appear within search results using domains that are similar to an actual business, but link to a webpage that looks identical to the legitimate business page.

If a user is searching for a program to download, the fraudulent page links to malware instead. For instances when a site impersonates financial organizations, particularly crypto exchanges, the sites prompt users to enter login credentials and financial information.

The FBI recommends:

  • Make user the URL is authentic and without typos.
  • Type in the business’s URL instead of searching.
  • Using an ad blocking extension.
Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.