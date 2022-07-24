When you do daily searches on Google, surely a result with the label of being an ad has appeared at the top, especially when you want to search for a new mobile rate or another service. But even if it seems that it is a completely trustworthy ad, because it has this label, it has been possible to detect that some of them belong to advertising campaigns that are malicious that abuse these Google advertising mechanisms.

Security firm Malwarebytes has found that when searching for keywords related to YouTube, the first ad that appears can have multiple titles: “YouTube: The Best of YouTube Videos” or “YouTube.com: YouTube: The Best of YouTube Videos for You.” But this is something completely fraudulent, and you have to be very careful about it.

Using Google ads to fraudulently spy on your computer

A priori, when you see these headlines and even the URL that appears right next to it can give the feeling of completely legal and trusted access. This means that any user who has searched for this word ends up clicking without fear, and even more so as it is one of the largest services offered by Google and the most used worldwide.

But the reality is that by clicking on this ad you will not be redirected to YouTubebut to a fraudulent website that will generate Windows Defender warnings. The URL is http://matkir[.]ml y http://159.223.199[.]181/, in which several messages will appear specifying the following: Windows was locked due to questionable activity reporting that a financial spyware was detected.

🚨 We detected a major malvertising campaign abusing Google Ads. ➡️ Stay tuned for our full report on this campaign. pic.twitter.com/VzAdtgVR3q — Malwarebytes Threat Intelligence (@MBThreatIntel) July 20, 2022

At the moment to be able to solve it, a contact telephone number will appear where a supposedly YouTube support technician will want access to your TeamViewer to take control of the device. In order to solve it, you will be asked to sign an expensive support contract in order to unlock the computer, definitively entering its trap.

This means that the control that exists in the ads has been seriously questioned. The only way to avoid precisely this is to have a VPN network, since at that moment you will be redirected to the original YouTube website. In these situations you always have to be very careful even with ads that they appear in Google while the searches are being carried out, since even then you will not be completely sure.

Via | BleepingComputer