Cybercriminals are hijacking Google Ads accounts through fake ads that mimic the legitimate Google Ads platform. These ads trick users into providing their login credentials, allowing hackers to take over accounts and run fraudulent campaigns, putting countless advertisers at risk.
According to Halcyon’s report on January 15, the attackers, primarily from Brazil and Asia, are using phishing pages hosted on Google Sites to make them appear authentic, affecting thousands of Google Ads customers globally.
The attack starts with a fake Google Ads link that is seen to be “sponsored by Google” which then redirects users to a counterfeit login page where they enter their credentials and hackers would gain access to their accounts. These compromised accounts are then used to create rogue admin accounts and run fraudulent ads.
Google is actively combating this threat by removing fraudulent ads and notifying affected users. They recommend enabling two-factor authentication (2FA) and using strong, unique passwords. Google also provides guidance on securing accounts and recovering from attacks.
#CyTech #cybernews #cybersecurity #ciso #cisoworkplace #phishing #Google #GoogleAds
Leave a Reply