FBI: Criminals Using Search Engine Ads to Spread Malware

Eric Goldstein
Eric Goldstein Chief Editor
Eric Goldstein Eric Goldstein Chief Editor

The FBI issued a warning this week to alert online users that cyber criminals are using search engine ads to impersonate legitimate and otherwise trustworthy brands to direct them to malicious websites.

“Cyber criminals purchase advertisements that appear within internet search results using a domain that is similar to an actual business or service,” the FBI said in a press release. “When a user searches for that business or service, these advertisements appear at the very top of search results with the minimum distinction between an advertisement and an actual search result. These advertisements link to a webpage that looks identical to the impersonated business’s official webpage.

“In instances where a user is searching for a program to download, the fraudulent webpage has a link to download software that is actually malware. The download page looks legitimate and the download itself is named after the program the user intended to download.”

The FBI said that threat actors are using fake ads for websites involved in finances, especially cryptocurrency exchange platforms. When a user clicks on the ad, they believe they’re visiting a normal site. The site looks very similar to the real site and it prompts you to provide your personal data. When they enter their account information or financial details, the threat actors gain access to them. With this type of information, criminals can steal their money.

The FBI released tips for how to identify malicious ads, which include checking the URL for the ad before clicking on it, typing in the business URL (instead of clicking on the ad), and using a good ad blocker.

You can also use a high-quality antivirus, which comes with web protections that detect malicious sites and block you from accessing them.

“While search engine advertisements are not malicious in nature, it is important to practice caution when accessing a web page through an advertised link,” the FBI report said.

About the Author
Eric Goldstein
Eric Goldstein
Chief Editor

About the Author

Eric Goldstein is Chief Editor at SafetyDetectives. As an internet security researcher and IT journalist, he has over 3 years of experience writing and editing articles and blog posts about VPNs, parental controls, and other cybsersecurity products and tools. In addition, Eric writes and edits news stories focused on cybersecurity issues for SafetyDetectives. He also spent 20+ years as a sportswriter for multiple media outlets and served in a communications role for a national corporation. When he's not working, he can be found spending time with his family, working out, and watching his favorite sports teams.