Security News > 2022 > October > How phishing campaigns abuse Google Ad click tracking redirects
PhishLabs by HelpSystems has identified attackers leveraging a weakness in Google's ad service to carry out phishing campaigns on financial institutions.
In this Help Net Security video, Kevin Cryan, Director of Operational Intelligence at PhishLabs, talks about how this type of attack is different from the one identified by Microsoft - threat actors use conditional geolocation logic to present the legitimate landing page when Google scans their ad. Google publishes the ad and displays the legitimate landing URL on hover.
As a result, you get a more convincing ad experience that still redirects targeted victims to a malicious site.
News URL
Related news
- Google now blocks spoofed emails for better phishing protection (source)
- Google location tracking deal could be derailed by politics (source)
- Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices (source)
- Google, Apple gear to raise tracking tag stalker alarm (source)