Security News > 2022 > March > Hundreds of eBike phishing sites abuse Google Ads to push scams
A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investments schemes impersonating genuine brands.
The fraudulent operation relies upon the abuse of Google Ads and SEO to draw victims to hundreds of fake websites targeting the Indian audience.
Although the threat analysts discovered 200 active phishing domains, they warn that the swarm is constantly being refreshed, with new sites taking the place of those reported and taken down.
CloudSEK has told Bleeping Computer they have shared the entire phishing domains list with Google to help stop the Ads abuse.
The size of the operation and the scale of the Google Ads abuse is such that spotting the fraudulent sites may be challenging.
As for affected businesses, reporting the phishing sites won't cause much of a disruption for the threat actors.
News URL
Related news
- New Google Pixel AI feature analyzes phone conversations for scams (source)
- Google launches on-device AI to alert Android users of scam calls in real-time (source)
- Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes (source)
- Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Google says new scam protection feature in Chrome uses AI (source)
- Google Chrome uses AI to analyze pages in new scam detection feature (source)