Not so fast – don’t click that fake Amazon or Microsoft ad – here’s why

When shopping online, your first move might be to type in the product you’re looking for into a search engine like Google.  Then you simply click one of the first few links that appear in your search results.

While it may seem to be the simplest approach, cybercriminals are well aware of this and are taking advantage of its weaknesses.

Let’s go through exactly how they’re doing this and what you can do to avoid clicking on those malicious links.

How are cybercriminals infecting links in my search results?

Malvertising  is surging

The report we started tracking in February indicates a surge in malvertising. Malvertising, short for malicious advertising, is a technique used by cybercriminals to distribute malware through online advertisements.

Credit: Malwarebytes

Scammers create a fake ad

So, here’s how it plays out. Scammers will typically purchase ad space on legitimate platforms such as search engines, social media sites, or popular websites and then insert malicious code or harmful links into those fake Amazon or Microsoft ads that look legit so that it’s the first thing you see when you search for something related to that ad. When you click on these ads or interact with them, you may be redirected to websites that host malware or prompted to download files containing malicious software. That malware can harm your computer or allow the hacker to steal your personal information.

The links look almost identical to the real thing

Because Amazon and Microsoft are both big companies that most people buy from, and the links are right at the top, the chances of those fake links getting clicked on are much higher.  Plus, the links are designed to look like they’re coming directly from the website, so people may not think to do a little digging before clicking.

MORE: OLDER AMERICANS ARE BEING TARGETED IN A MALVERTISING CAMPAIGN 

 

How do I know if the sponsored ad is fake?

Check the website’s domain

Look closely at the domain name in the link. Scammers often create fake websites with domains similar to popular or trusted ones, intending to deceive you. For example, they may replace letters with similar-looking characters or add extra words. Verify that the domain matches the legitimate website you intend to visit.

Examine the website’s content and design

Take a close look at the website’s overall appearance, design, and content. Poorly designed or unprofessional-looking websites could be indications of malicious intent. Look for typos, grammatical errors, or suspicious content.

Carefully hover over the link

Hover your mouse cursor over the link (without clicking) to see the actual URL that appears in your browser’s status bar or tooltip. Verify that the displayed URL matches the link you expect to visit.

Be cautious with shortened URLs

If you encounter a shortened URL, such as those created by services like bit.ly or tinyurl.com, exercise caution. These links obscure the original destination, making it difficult to assess their legitimacy.

 

How can I prevent from being a victim?

Know the scammer’s techniques

Understanding how scammers target their victims is half the battle. Make sure you always stay up on the most recent techniques and the schemes they are using. If you are unsure of the shopping site, Google the name and the word ‘scam’.

Watch out for phishing emails and texts

If you get an email or a text message asking you to click a link either to view a product or verify your information, don’t fall for it. Scammers use this technique all the time to try to fool you. They’ll even pretend to be a real high-ranking official from the IRS or some other government organization to try to scare you into falling for their schemes.

MORE: WHY YOU SHOULD UPDATE YOUR MICROSOFT SOFTWARE NOW AND STAY PROTECTED 

Keep an eye out for fake social media scams

You always want to be careful with what you post on social media. Scammers are constantly looking for those who overshare because they feel like easier targets. Make sure you think twice before you post, and watch out for any fake ads that might be posted to sites like Facebook and Instagram as well.

Avoid fake product reviews

Some scammers will even go as far as to post fake reviews for a product to make it look like it’s a good one. However, you can avoid these fake reviews by using a site like FakeSpot.com that grades the truthfulness of Amazon reviews. Check this website before trusting a random person online.

Use a secure browser

Consider using a browser that has built-in security features, such as phishing and malware protection. Browsers like Google Chrome, Mozilla Firefox, Microsoft Edge, Opera, and Brave offer such functionalities.

Enable two-factor authentication (2FA)

Whenever possible, enable two-factor authentication for your online shopping accounts. This adds an extra layer of security by requiring a secondary verification method, such as a unique code sent to your mobile device in addition to your password.

Keep your software up to date

Regularly update your operating system, web browsers, and other software on your device. These updates often include security patches that address vulnerabilities and protect against known threats.

Have good antivirus software on all your devices

Special for CyberGuy Readers: 

Get my review of my best antivirus picks here

Best Antivirus Protection 2023

 

Kurt’s key takeaways

The biggest thing that I want you to take away from this article is to not just put all your trust into the first thing you see online. I know we all have a ton on our plates, and it would be great if we could just find the product we’re looking for in the first link we click, but just do your best to keep your eyes peeled. Trust me; you’d rather spend a little extra time online and get the product you want than click on something fake and risk your information getting stolen.

Have you seen any fake Amazon or Microsoft ads? How frustrating is it for you to have to worry about these fake ads?  Let us know by commenting below.

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

Related:

Related posts

Unbeatable Cyber Monday deals extended

8 phishing email scams to watch out for this holiday season

The AI-powered grandma taking on scammers

33 comments

David August 11, 2023 - 12:45 pm
Today, I searched for Amazon in Google and clicked on the sponsored link up top. It sent me to an obvious (to me) phishing site. The phishing site is now no longer available and the sponsored link now takes you to amazon. Very weird.
Add Comment