Cyber criminals will employ a multitude of different methods and vectors of attack to illicitly gain people’s money and information. Some use direct hacks or exploits to access user’s systems, but more commonly, hackers will rely on individual’s errors to get what they want. Such is the case with the wide range of different phishing campaigns that are out there. In a recently discovered scam attempt, cyber attackers had created a fake Target advertisement to redirect people to a Windows tech support scam.
How the Scam Worked
The crafted ad had appeared to be quite legitimate, but as with any fake campaign, there were indicators of its fallacy. For instance, the “t” in Target was not capitalized in the ad, as it is with the actual company. And Target’s actual tagline “Expect more. Pay Less” was absent, and it instead showed “All Products in One Place.” The tricky thing about this ad is that when it was hovered over, it displayed the actual website “www.target.com” at the bottom. But, when it is actually clicked on, it redirects the user to a malware site with a tech support pop up. The pop up would try to convince users that their device is infected with a non-existent malware called “HARDDISK_ROOTKIT_TROJAN_HUACK.EXE,” and that they must call the displayed phone number to remove it. This ad had actually risen up to number one in the search rankings, directly above that of Target’s actual website. With many tech support scams, if the person were to call the number, the scammer on the other end would likely try to convince them to hand over their credit card number for software to remove the fake file, or to bill them for “tech support time.”
More and more campaigns like this have continued to appear all around the web. Attackers work to find different vectors to launch these scams, hoping to hook a few suckers. In fact, we had written about a very similar scam using a fake Amazon ad a few months back. It was a similar circumstance in the way that it appeared to be a link to the legitimate site, but would redirect the user to a tech support scam. With attackers being able to closely mimic businesses and individuals, people need to remain vigilant on the web. If anything seems slightly off about a link or website, put in the due diligence of looking a bit closer before clicking.
Ensuring Thorough Security to Prevent Cyber Attacks
With the range of potential threats among the landscape in this age, individuals and organizations need to ensure that they are properly protecting their data. Malicious campaigns designed to fool individuals will continue to multiply, and it is ideal if everyone put in the time to learn about their various indicators. Then, there is, of course, the matter of implementing correct security tools and services to prevent cyber attacks from breaching, which obviously varies between individuals and organizations. Antivirus and firewalls are vital first lines of defense, but these alone are not enough for organizations. There can be a large amount of access points and vectors of attack within an organization, which requires them to have much more comprehensive security. Many different tools can be employed to further bolster networks and systems. Massive Alliance offers an array of cyber security services to help prevent cyber attacks.