Malvertising Mimics Online Ads

Google is the world’s most popular search engine, so it’s no wonder cybercriminals are targeting it and other search engines in malvertising campaigns. With malvertising, threat actors use bogus online ads that appear as sponsored content during a search engine query. To avoid getting phished, internet users must slow down and scrutinize Google ads that appear after a search. Additionally, be aware that malicious code can be hidden in ads on mainstream websites.

According to the cybersecurity software firm Malwarebytes, there was a 42% increase month-over-month in malvertising incidents in the U.S. in late 2023. This type of phishing scheme is only expected to increase as cybercriminals become more sophisticated in their efforts.

Bogus Google Ads Fool Lowe’s Employees

A malvertising campaign targeting Lowe’s employees via Google ads was identified in late August. Employees who searched for the human resources portal using Google would land on the results page. At the top of the list, they might see and click on a sponsored URL (Google ad) such as “mylifelowes” instead of the correct “myloweslife” URL further down the results page. Because the words “login to my Lowes account” were directly under the Google ad in a larger font, it may have seemed legitimate to employees. Unfortunately, it was the gateway to a fake company landing page to steal their credentials.

“Brand impersonation via Google ads is a very popular technique leveraged by threat actors of all kinds,” stated Malwarebytes in a blog post about the incident. “They know people will open up their default browser, do a quick search, and that’s exactly where they can target them.”

Reduce the Risk of Malvertising

Malwarebytes strongly recommends against clicking on sponsored results to avoid phishing campaigns that abuse Google ads. It is better to scroll down further and visit the official websites directly.

Follow these steps for a proactive approach to cybersecurity.

1. Be Cautious with Sponsored Links and Ads: Avoid clicking on sponsored links that appear in search results or on trusted websites. Instead, directly visit the product’s official website or search for the product on the seller’s website. Sponsored ads may lead to malicious websites or phishing attempts.
2. Verify URLs Carefully: If you click on a link, check the URL at the top of the web page to ensure it matches the website you intend to visit. If the URL seems suspicious, close the window immediately.
3. Avoid Calling Phone Numbers from Sponsored Ads: Do not call telephone numbers listed in sponsored ads because they could be fake. Instead, use contact information from official product documentation or the company’s home page.
4. Keep Your Software and Browser Up-to-Date: Regularly update your operating system, browsers, and browser extensions to protect against vulnerabilities that cybercriminals might exploit through “drive-by-downloads.”
5. Use Anti-Malware Software and Ad Blockers: Install anti-malware software on your devices and consider using ad blockers or privacy-focused browsers to reduce exposure to potentially malicious ads. Reporting suspicious ads to search engines can also help prevent others from falling victim.
6. Report Suspicious Ads: If you come across suspicious or malicious ads, report them to the search engine or platform where you saw them. This can help prevent others from being targeted by the same malicious ads.
7. Be Skeptical of Deals That Seem Too Good to Be True: Be cautious of ads promoting deals that are significantly cheaper than typically found. If a deal appears on an unfamiliar website, verify it on the official seller’s website instead of clicking on the ad.

While malvertising is increasing, remember that phishing emails are responsible for up to 90% of breaches. Read our blog article for tips on how to recognize phishing scams.