Malware search engine ads

Conceal Threat Alert: Attackers Using Search Engine Ads to Beat Antiphishing Software.

A recent FBI public service announcement highlights that cyber criminals are using search engine advertisement services to abuse users’ trust of brands to direct them to malicious sites that deliver ransomware and conduct credential theft. At the end of this post, we’ll explain how you can start protecting your company’s network from this threat by signing up for a free trial of our zero-trust dynamic remote browser isolation and antiphishing software, ConcealBrowse.

Falsely-branded ads as the lure

According to the announcement, attackers are creating ads using logos and similar domains of trusted brands to trick users into clicking on the ads and visiting the malicious sites. A similar technique is often used in phishing attacks utilizing email as the attack vector. Since many antiphishing services already exist to protect users inside their email clients, this tactic is designed to bypass any checks done on email entirely.

Because the ads look legitimate and are related to something the user is conducting a web search for, the user may be more likely to take the malicious action on the page they are visiting. For instance, if they received the ad by searching for a piece of software they want to download, and both the ad and the page they visit look legitimate, the likelihood the user will download the software is greater than it would be if they received an unsolicited email with the same link.

To make matters even more confusing, these ads target the same keywords as the legitimate site so these malicious ads can appear above legitimate results. This creates an extra layer of confusion for the end user and increases the likelihood they will click on the malicious link instead of the legitimate one.

How can companies protect themselves?

Most of the countermeasures suggested by the FBI revolve around educating users and asking them to take extra precautions whenever they click on ads. These suggestions aren’t enough. No matter how much training they have or how careful they think they’re being, users will always make the wrong decision at some point. ConcealBrowse provides zero trust protection against these threats, checking every link regardless of the source. ConcealBrowse makes sure untrusted sites are opened in our dynamic isolated web browsing environment where they can’t access your user’s devices or networks.

ConcealBrowse phishing protection provides an additional layer of security when sites try to mimic the logos or domains of real sites by identifying these threats with computer vision and AI and blocking them from users, even if the sites have never been seen before.

Try ConcealBrowse today

Sign up for a free trial of ConcealBrowse today and see for yourself how easy it is to protect your users from untrusted web sites and apps. If you’d like to talk to a member of our sales team and see a demo first, you can click here to do that too. We would love to show you how ConcealBrowse pushes zero-trust to the edge and protects your users where they are most vulnerable; in the browser.

Written by: Conceal Research Team