Fake Google Ads Hijack Microsoft Ads Accounts, here is a quick look at what you should know

Cybersecurity researchers have recently uncovered a sophisticated malvertising campaign. This campaign targets Microsoft advertisers using fake Google ads. These malicious ads appear on Google Search and aim to steal login information from users trying to access Microsoft’s advertising platform.

How the Scam Works

When users search for terms like “Microsoft Ads” on Google, they are shown sponsored ads that contain malicious links. These links redirect users to phishing pages designed to look like the legitimate Microsoft Ads login page. Once on these pages, users are tricked into entering their login credentials and two-factor authentication (2FA) codes.

Techniques Used by Attackers

The attackers employ several techniques to evade detection. They redirect traffic from VPNs to a fake marketing website and serve Cloudflare challenges to filter out bots. Additionally, users who try to visit the phishing site directly are redirected to a YouTube video, a tactic known as “rickrolling”.

Impact and Detection

The phishing pages capture the victim’s login details and send them to the attackers. This allows the attackers to hijack the accounts and potentially misuse advertising budgets for malicious campaigns. Malwarebytes, the cybersecurity company that discovered the campaign, has found similar phishing infrastructure targeting Microsoft accounts dating back a couple of years.

Response from Google

Google has been informed about the scam and claims to take steps to prohibit such ads. However, the attackers continue to find new ways to bypass security checks. Google encourages users to report suspicious ads to help combat these scams.

Broader Implications

This malvertising campaign is part of a larger trend of cybercriminals targeting advertising platforms. Similar attacks have targeted Google Ads users in the past, and there are concerns that other platforms like Meta could also be at risk.

Conclusion

The discovery of this malvertising scam highlights the ongoing threat posed by cybercriminals. Advertisers must remain vigilant and take steps to protect their credentials. By staying informed and reporting suspicious activity, users can help combat these malicious campaigns.

You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it