Security News > 2022 > March > Hundreds of eBike phishing sites abuse Google Ads to push scams
A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investments schemes impersonating genuine brands.
The fraudulent operation relies upon the abuse of Google Ads and SEO to draw victims to hundreds of fake websites targeting the Indian audience.
Although the threat analysts discovered 200 active phishing domains, they warn that the swarm is constantly being refreshed, with new sites taking the place of those reported and taken down.
CloudSEK has told Bleeping Computer they have shared the entire phishing domains list with Google to help stop the Ads abuse.
The size of the operation and the scale of the Google Ads abuse is such that spotting the fraudulent sites may be challenging.
As for affected businesses, reporting the phishing sites won't cause much of a disruption for the threat actors.
News URL
Related news
- Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale (source)
- Phishing scams and malicious domains take center stage as the US election approaches (source)
- AI and deepfakes fuel phishing scams, making detection harder (source)
- New Google Pixel AI feature analyzes phone conversations for scams (source)
- Google launches on-device AI to alert Android users of scam calls in real-time (source)
- Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes (source)