The danger here lies in the fact that many individuals trust mainstream search engines as reliable, assuming that the first result, regardless of it being sponsored, is legitimate. This misplaced trust leads to users clicking on fraudulent sites, which is exactly what threat actors exploit, says Max Gannon, Cyber Intelligence Team Manager at Cofense. This malvertising campaign serves as an important reminder to stay vigilant and exercise caution when engaging in sponsored search results.
Once a target clicks on the ad, they will be taken to a phishing page. This page matches the structure of the legitimate MyLowesLife website. There, the target will be prompted to input their sales number and password. The information inputted into the phishing website is then transferred to the threat actor and the target is redirected to the legitimate website.
Collection
[
|
...
]