Security News > 2023 > February > Malicious Google ads sneak AWS phishing sites into search results
A new phishing campaign targeting Amazon Web Services logins is abusing Google ads to sneak phishing sites into Google Search to steal your login credentials.
The malicious Google ads take the victim to a blogger website under the attackers' control, which is a copy of a legitimate vegan food blog.
The malicious Google Ads remain, even if the sites they link to are no longer online.
Google Ads have been under massive abuse from cybercriminals of all kinds lately, serving as an alternative method to reach potential victims.
These ads have been used lately for phishing password manager accounts, achieving initial network compromise for ransomware deployment, and malware distribution masquerading legitimate software tools.
Last week, Sentinel Labs discovered a campaign that uses virtualization technology together with Google Ads to spread malware that makes it harder to detect by antivirus tools.