From www.bleepingcomputer.com: Cybercriminals are using Google search advertisements to promote phishing sites that deceive users into providing their Google Ads credentials, redirecting them to fake login pages hosted on Google Sites.

This method exploits the rule that allows URLs from Google Sites to appear legitimate, making it difficult for victims to discern the malicious intent.

At least three cybercrime groups, including those operating out of Brazil and Eastern Europe, are behind these attacks, aiming to sell the stolen accounts and utilize them for future phishing schemes.

Filed under: Tech

Leave a Comment