TechTalk: Scammers Abuse Google Ads Platform To Distribute Malware
| Author: Victor Sample Vic Sample: MT43 News Treasurer |
Scammers Abuse Google Ads Platform To Distribute Malware Victor Sample So many scams, so little time to report them! Today, the Tech Newsletter I receive every morning warned of malware operators abusing the Google Ads Platform to spread malware. The threat actors are impersonating many popular, free software products such as Grammarly, Thunderbird, Brave, Libre Office and, ironically enough, Malwarebytes – my favorite tool for removing malware.
The threat actors clone legitimate websites for the products they are targeting. Then using the Google Ads platform and “typosquatting” they lure internet users into downloading the malware.
Domain Names are the names of websites, such as “google.com”. Typosquatting is the practice of acquiring domain names that are very similar to the original domain name but spelled slightly differently. At a casual glance, a link to the site looks very, very much like the original.
The scammers/hackers then abuse the Google Ads Platform by getting their “ads” placed above the actual legitimate websites. If you aren’t paying very close attention you can easily be fooled into clicking on a link to a cloned website that looks just like the real website.
If you click on a link to download the software (which you think is legitimate, free software), you actually download malware. Many times the scammer/hackers actually do provide you with legitimate versions of the software, but also download the malware at the same time.
To avoid being detected and blacklisted by the browsers, the cloned websites will actually just be benign websites that just redirect you to the malware site. Since they look like benign websites they are not blocked by the various browsers.
One of the ways you can combat the Google Ads Platform abuse is to employ an “ad blocker”. Most browsers offer an extension to enable ad blocking. By blocking the ads, they don’t show up on a list for you to accidentally click on. However, beware that many legitimate sites will ask you to disable your ad blocker and some will even bar you from using their site if you are using an ad blocker.
Of course, the best way to avoid being duped by hackers using typosquatting is to always be vigilant. Always, always look carefully at links you are clicking on to ensure that they really are legitimate. And, of course, NEVER download anything from a website without researching the website to ensure that it is a legitimate website.