Digital transformation

Google Search is becoming a target for cybercriminals.

Phan Van Hoa September 7, 2024 06:24

Google Search, often considered the gateway to the world's information, is becoming a target for cybercriminals. These attacks are increasingly sophisticated and cause significant damage to users.

Malicious advertising campaigns (also known as malvertising) are becoming one of the biggest cybersecurity threats today. Cybercriminals are increasingly sophisticated in exploiting advertisements to spread malware and steal user information.

According to a report by the US cybersecurity software company Malwarebytes, the number of malvertising attacks in the US increased dramatically in the third quarter of 2023, with an average monthly increase of 42%. This indicates that the situation is becoming urgent and requires timely countermeasures.

Ảnh minh họa.
Illustrative image.

Jérôme Segura, Senior Research Director at Malwarebytes, issued a worrying warning about the current state of cybersecurity. He stated: “Every brand, big or small, is becoming a target of cyberattacks, whether it’s phishing or malware installation. What we’ve discovered is only a very small fraction of what’s actually happening.”

Fraudulent advertisements are becoming increasingly sophisticated and difficult to distinguish from legitimate ones. They appear as naturally sponsored content in search results on desktops or mobile devices, making it hard for users to tell the difference. Even more dangerously, malware can hide itself in ads on reputable websites we frequently visit, creating a false sense of security.

Some fraudulent advertisements simply aim to entice users to click for illicit gain. However, the danger also comes from websites that have been hacked and infected with malware.

According to Erich Kron, a security expert at KnowBe4, a US-based company specializing in cybersecurity training and awareness, users can become infected with malware simply by accidentally accessing such a website without taking any further action. This means the risk of attack can occur even if we don't actively click on the advertisements.

It's not just Google; other reputable websites are also targets for cybercriminals.

Malicious advertising is not a new problem, but cybercriminals are constantly improving their techniques, making it so sophisticated and realistic that it's difficult to distinguish from the real thing. This becomes even more dangerous when many people place absolute trust in Google's search results.

However, it's important to emphasize that Google Search isn't the only target of cybercriminals; other search engines like Microsoft's Bing are also vulnerable. The core issue is that users need to be vigilant and cautious about any information, especially advertisements, even when they appear on reputable platforms.

Google has become an indispensable part of our daily lives. We trust that any information appearing on Google is accurate and reliable. This blind trust has led many people to fall victim to malicious advertisements.

As Professor Stuart Madnick of the MIT Sloan School of Management (USA) pointed out: "When people see information on Google, they tend to believe it is reliable information, without questioning its authenticity."

Even on reputable websites that we frequently visit, the risk of encountering malicious advertisements is always present. Many of these ads are designed to look exactly like legitimate ads, making it difficult for users to distinguish between real and fake.

This situation is similar to mail control. How can you check every single letter to ensure it doesn't contain any malicious content? Professor Madnick likened detecting and removing malicious advertising to a mail carrier having to check each letter for harmful content.

Be careful when clicking on ads on reputable websites.

To protect themselves from malicious advertising tactics, users need to be extremely vigilant and proactive. One of the simplest ways is to avoid clicking on sponsored links that appear in online search results. Often, these ads are designed to grab attention immediately with enticing offers, incredibly low prices, or unrealistic promises.

However, users should note that right below these sponsored ads, there are often organic, unpaid search results. These results are usually more reliable because they are ranked based on the search engine's algorithm, prioritizing websites with quality content relevant to the search keyword. Therefore, instead of rushing to click on the first ad, users should take the time to carefully examine these organic search results.

Before taking any action on a website you accessed through sponsored ads, take a few seconds to double-check the URL in your browser's address bar. This is an extremely important step to ensure you are on the correct website.

Compare the URL in the address bar with the URL you entered in the search box or saved. If there are any differences, or if there are any extra strange characters, you may have been redirected to a fake website.

Do not click on any other links on that website and do not enter any information. According to Avinash Collis, an assistant professor at Carnegie Mellon University's Heinz College, closing the browser window immediately is the best way to avoid trouble in most cases.

Even when visiting trustworthy websites, you should exercise extreme caution when clicking on ads that appear there. Security expert Erich Kron emphasizes that many ads can exploit consumers' desire for cheap deals by offering prices that are far too attractive compared to the market.

For example, you might be searching for a product on a reputable retailer's website and suddenly see an advertisement for the same product at a much lower price. Instead of rushing to click on the ad, you should take some time to search for the product directly on the retailer's website. Most promotions and special discounts are publicly posted by large retailers on their homepage or product category pages.

Besides avoiding clicking on links in sponsored ads, you should also absolutely avoid calling the phone numbers provided in these ads. This is one of the common scams that fraudsters often use to steal your personal information.

According to Chris Pierson, CEO of BlackCloak, a cybersecurity and privacy platform, attackers can exploit your calls to install malware on your device. This malware can steal passwords, bank account information, and even remotely control your device.

Turn off automatic downloads and regular system updates.

Besides being cautious about online links and advertisements, users should also proactively protect their devices by:

Turn off automatic downloads:Many software programs and applications can automatically download and install updates, extensions, or other unwanted software. This feature, if not carefully managed, can pose significant security risks. Go to the settings of these programs and applications and completely disable or customize automatic download features.

Update your operating system and browser regularly:Software developers regularly release updates to patch security vulnerabilities. Failing to update your operating system and browser can leave your device vulnerable to hackers. Set your system to update automatically, or check for and update regularly yourself.

In today's digital world, with millions of advertisements flooding the internet, the risk of encountering cybersecurity threats is unavoidable. Hackers are becoming increasingly sophisticated and using more elaborate scams to steal users' personal information and assets. Professor Madnick offered a very insightful piece of advice: "You should assume this could happen to you no matter how careful you are."

Source: CNBC
Copy Link
0 0 0
x
Google Search is becoming a target for cybercriminals.
Google News
POWERED BYFREECMS- A PRODUCT OFNEKO