FAKE ads with the same URL as the websites they are copying are running rampant online and they’re impossible to detect until it’s too late, a cybersecurity expert has warned.
However, there is one hack all tech users must know to avoid a bank-raiding trap.
MalwarebytesThese fake adverts are indistinguishable from real ones[/caption]
MalwarebytesCloaked websites are also often tied to decoy pages[/caption]
So-called ‘malvertising’ has had a resurgence online since the tail end of last year.
This is when scammers use an old trick called cloaking, which masks a websites real URL to advertise malware-infected links.
But in recent cases, these URLs have been identical to real, frequently visited sites.
In a report published last week, director of threat intelligence at cybersecurity company Malwarebytes, Jérôme Segura, revealed a malicious malvertising campaign where fraudsters impersonated Amazon on Google Chrome.
These fake adverts are indistinguishable from real ones.
Speaking to The Sun, Segura explained that web users can no longer trust the first link that appears on a search engine, even when it’s a big brand.
“We can’t blame people for clicking on them, especially when ads are being impersonating,” he said.
“Its not their fault.”
The fault lies with the search engines, he added.
“People, myself included, tend to visit the same websites everyday. Most people go to YouTube or Facebook.
“We open the browser, which happens to be Chrome in most places, and we just type the name and click whatever comes first.”
Those days are gone.
Recently, “we have ads that are malicious that are shown at the top [of the browser page],” said Segura.
“I’m still a bit puzzled as to why its so easy.
“A lot of the time what I see is those [scam] advertisers are using specific services to do cloaking and that in itself should raise a flag to Google.”
The Sun has contacted Google for comment.
Malverts aren’t everywhere, and if “you don’t type the URL, you don’t click on an ad, you just click on an organic result from the search engine – that usually works well,” added Segura.
But doing this doesn’t make you immune to another type of fraud called SEO poisoning, where scammers ‘game’ the search engine to position high up on the page, he continued.
Cloaked websites are also often tied to decoy pages.
Sometimes the decoy page will be displayed during specific hours of the day to avoid detection, and then other hours – maybe when there’s more traffic among the targeted demographic – the malicious page will be pushed instead.
However, Segura does have one trick up his sleeve to try and eliminate the risk of clicking a cloaked link.
If you visit the intended one and are certain that it’s legitimate, bookmark it.
That way you have access to the real site, no matter what comes up in your search engine results.
Alternatively, web users can download a free extension from Malwarebytes called Browser Guard – which is not only an ad blocker but helps the cybersecurity firm maintain a data base of malicious sites.
This helps expose the infrastructure that criminals use for cloaking, which will also be blocked.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
How to delete your Instagram account
What does pending mean on Snapchat?
How to check if you’ve been blocked on WhatsApp
How to drop a pin on Google Maps
How can I change my Facebook password?
How to go live on TikTok
How to clear the cache on an iPhone
What is NFT art?
What is OnlyFans?
What does Meta mean?
Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]