FBI typing on keyboard

FBI warns of imposter ads in search results

The FBI has issued a public notice which includes advice to block adverts. Why? Let’s take a look.

The bogus advert tightrope

It’s no secret that rogue ads have been a particular plague on the Internet for as far back as we can remember. From irritating pop ups and spinning “You’ve won a prize” banners to adverts pushing malicious redirects and malvertising, you never quite know what’s waiting in your browser when the page you request loads up.

The FBI warning concerns fake ads impersonating the real thing and diverting potential victims off to parts unknown.

…cyber criminals are using search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information.

The ads are regular search engine advertisements that typically sit at the top of your Google or Bing searches. (Depending on the search engine used, ads are indicated by the word “Sponsored” or “Ad”.) The ads the FBI is warning about paid for by criminals, and mimic real brands by using similar domain names, and linking to legitimate-looking web pages that are “identical to the impersonated business’s official webpage.”

Frustratingly, the FBI’s release is quite light on details but it does provide some suggestions for avoiding these scams.

Suggestions for avoiding these rogue ads

The FBI advice for people generally:

  • Before clicking on an advertisement, check the URL to make sure the site is authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
  • Rather than search for a business or financial institution, type the business’s URL into an Internet browser’s address bar to access the official website directly.
  • Use an ad blocking extension when performing Internet searches. Most internet browsers allow a user to add extensions, including extensions that block advertisements. These ad blockers can be turned on and off within a browser to permit advertisements on certain websites while blocking advertisements on others.

The FBI advice for business:

  • Use domain protection services to notify businesses when similar domains are registered to prevent domain spoofing.
  • Educate users about spoofed websites and the importance of confirming destination URLs are correct.
  • Educate users about where to find legitimate downloads for programs provided by the business.

A step too far, or the inevitable conclusion of bad ads out of control?

The really fascinating part here is the suggestion to block adverts. This isn’t something I recall seeing from law enforcement before, even if there is a light reference to enabling and disabling ads on “certain websites”. As noted by Techspot, blocking ads remains a controversial subject in some quarters. It’s likely that many sites you use rely on advertising cash to keep the lights on, with others moving into subscription, paywall, and additional features models instead.

Some folks and organisations use dedicated ad blocker extensions via their browser, or prefer the options found in script blocking apps. Others rely on security tools to block ads or detect and neutralise exploits and malvertising.

Whatever your approach and opinion of paid advertising online, the problem of bad ads cluttering up sponsored search results will be around for a long time to come. While the FBI release may give some folks the impression that fake adverts in search listings is a new threat, it’s been around forever. Even so, criminals know that it works and often gets results.

If you’re shopping around, or looking for financial advice and services, you could do worse than be very cautious around those paid results at the top of your page. A few minutes of hesitation could help you avoid a few hours of calling up customer support.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.