A significant cybersecurity concern has emerged as Malwarebytes Labs reports on a widespread utility scam campaign exploiting online ads. Published on February 15, 2024, the article outlines how scammers, posing as utility companies, target individuals discussing bills or seeking cost-saving measures. The campaign, primarily utilizing deceptive Google ads, exceeds previous malvertising cases in scale, with over 300 ads linked to 28 advertisers, notably from Pakistan. The ads, specifically targeting mobile users based on geolocation, redirect victims to dial phone numbers, initiating a potential threat of extortion and financial loss.
The fraudulent infrastructure behind this utility scam involves the creation of numerous domains and templates, appearing legitimate at first glance. The simplicity of these sites, containing customer-centric text and one or multiple phone numbers, adds to the scam’s efficacy. Malwarebytes Labs acknowledges the challenges in suspending these domains without extensive investigation and evidence gathering. The article concludes by advising readers to avoid clicking on search ads, highlighting the prevalence of malicious ads, and offering practical tips to safeguard against such scams, emphasizing the urgency to report any suspicious activity promptly.
