The FBI has recommended the use of ad blockers as a precaution to protect against cybercriminals who are using search engine advertising services to impersonate legitimate businesses and steal personal information.
In their announcement, the FBI warned that criminals are purchasing ads that appear in search results using domains that are very similar to the names of real businesses. These ads direct unsuspecting users to malicious websites where ransomware can be downloaded or login credentials and other financial information can be stolen.
The FBI pointed out that these ads are not limited to businesses but also target individuals looking for software to download. In many cases, the fraudulent website offers a link to download software that is actually malware.
These ads have also been used to impersonate websites involved in finance, particularly cryptocurrency exchanges. These malicious sites appear to be real exchanges, where users share their financial information, giving criminals access to their funds.
How can Individuals protect themselves from such scams?
Here are some of the recommendations for Individuals as suggested by the FBI.
- Check the URL before clicking on an advertisement:
- Cybercriminals may use domains that are similar to the names of real businesses, but with typos or a misplaced letter to trick users into clicking on fraudulent ads.
- Always double-check the URL to make sure that it is authentic and belongs to the intended website.
- Be cautious of URLs that use HTTP instead of HTTPS, as this indicates that the website is not secure.
- Type the business’s URL into the address bar:
- Instead of searching for a business or financial institution, type the company’s URL directly into your browser’s address bar.
- This helps to avoid clicking on fraudulent ads and reduces the risk of being redirected to a malicious website.
- Use an ad blocking extension:
- Ad blockers can prevent fraudulent ads from being displayed on webpages, reducing the risk of accidental clicks.
- Most internet browsers offer ad blocking extensions that can be installed and turned on or off as needed.
- Ad blockers can also help to filter out malicious scripts and domains that are used in fraudulent ads.
How can Businesses protect themselves from such scams?
The FBI’s announcement also has some recommendations for Businesses. Here are some of the ways the businesses can protect themselves from such scams.
- Use domain protection services:
- Domain protection services can help businesses monitor and detect when similar domains are registered that may be used for domain spoofing.
- By being notified of these domains early on, businesses can take action to prevent cybercriminals from using them to impersonate their brand or steal personal information.
- Educate users about spoofed websites:
- Businesses should educate their employees and customers about the dangers of spoofed websites and the importance of verifying destination URLs before clicking on links.
- This can include providing training on how to identify suspicious URLs and how to report suspected phishing attempts.
- Educate users about legitimate downloads:
- Cybercriminals may use fraudulent ads or spoofed websites to trick users into downloading malware or other malicious software.
- Businesses should educate their employees and customers about where to find legitimate downloads for software provided by the business, and warn them about the dangers of downloading software from untrusted sources.
How can AdBlockers be effective against scams of these types?
AdBlock can protect against these scams in a few ways:
- Prevents ads from being displayed: AdBlock prevents ads from being displayed on a webpage. Cybercriminals use search engine advertising services to purchase ads that appear in search results using domains that are very similar to the names of real businesses. By using AdBlock, these ads are blocked from being displayed, reducing the chances of users accidentally clicking on a fraudulent ad.
- Blocks malicious scripts: AdBlock can also block malicious scripts that are used to launch attacks or steal personal information. These malicious scripts can be embedded in ads, and by blocking ads, AdBlock can also block these scripts.
- Filters out malicious domains: AdBlock can filter out malicious domains that are used in fraudulent ads. This can help prevent users from being redirected to malicious websites where ransomware can be downloaded or login credentials and other financial information can be stolen.
AdBlock can protect against these scams by preventing ads from being displayed, blocking malicious scripts, and filtering out malicious domains. By using AdBlock, users can reduce their risk of falling victim to these scams and protect their personal information and financial data.