Social engineering scams are everywhere. Every day, cybercriminals are using whatever medium they can to trick users into handing over their data. This not only includes email, SMS and messaging services, but also online advertising services.
Today, browser security extension provider Guardio Labs unveiled new research as part of a blog post warning that the Google AdWords advertising platform is “spreading rogue promoted search results en masse.”
As part of these scams, dubbed “MasquerAds,” fraudsters produce fake advertisements designed to rank on search engines and direct targeted users toward malicious phishing sites. These sites are designed to direct users to download malicious payloads hidden within file-sharing or code-hosting services like GitHub or Dropbox.
Above all, the research indicates that social engineering scams are continuously evolving, and that malicious advertising is one of the go-to mediums for harvesting the details of unsuspecting users.
The evolution of social engineering
The report comes shortly after the FBI released a warning that cybercriminals were using search engine advertisement services to impersonate trusted brands and direct users to malicious websites to infect their devices with ransomware or steal their login credentials.
In this latest research, one of the biggest threat actors, known as Vermux, uses hundreds of social engineering sites and domains, mostly served from Russia, to target the GPUs and cryptowallets of U.S. and Canadian residents.
Given the prominence of these attacks, organizations need to double down on security awareness training and endpoint protection tools to ensure that employees are equipped to deal with malicious advertising the same way they are with phishing emails.
“Making mistakes is human, and you only need one to compromise the entire company so other layers of security are mandatory,” said Nati Tal, head of Guardio Labs.
“Integrating EDRs [endpoint detection and response] is a must, but this also is not enough — threat actors keep on evolving and testing their capabilities against enterprise EDR algorithms so we can also see in our research here — refactoring malware payloads, and combining with real software, short operation times and user trust and intent is almost fully resistant to detection,” Tal said.
Tal also notes that preemptive detection inside the browser is a must-have, as it’s the “gateway” to many phishing, malvertising and scams. In-browser protection can help users detect threats before malicious payloads and malware can be downloaded to their system.