Backside line: A latest warning from Malwarebytes explains that customers looking for tech help telephone numbers can encounter pretend contact info, even when visiting the official web sites of main manufacturers. Customers ought to rigorously look at textual content showing in help web site search bars and strategy sponsored Google search outcomes with warning, if in any respect.
Many individuals probably perceive that they need to confirm URLs when visiting websites for banks, tech firms, and different crucial providers to keep away from fraudulent hyperlinks. Whereas steering away from hyperlinks in suspicious emails is a well known safety precaution, hackers additionally incessantly buy sponsored Google advertisements that result in pretend web sites designed to steal private info.
Nevertheless, the newest rip-off is even sneakier. As an alternative of making pretend web sites, scammers inject false tech help numbers into reliable websites by modifying parameters in sponsored search hyperlinks. Engines like google do not show the added textual content within the URLs, and official help pages do not block it, making the rip-off seem extra convincing.
The scheme begins when customers search Google for tech help numbers for main manufacturers. Clicking on a high sponsored outcome results in an precise help web page, however the scammer’s telephone quantity seems within the web site’s search bar.
Unsuspecting customers who name the quantity, considering they’ve reached the corporate’s name heart, are as a substitute linked to scammers making an attempt to steal account credentials or banking info. Malwarebytes reviews that attackers have focused help pages for Netflix, PayPal, Apple, Microsoft, Fb, Financial institution of America, and HP. These hijacked search outcomes are hardest to identify on Apple’s web site.
Malwarebytes says its Browser Guard extension can detect this tactic as a search hijack and warn customers. Different crimson flags embody telephone numbers showing on the finish of reliable URLs, extreme use of alarming language, encoded characters like “%20,” and search pages displaying outcomes earlier than customers enter a question.
To remain secure, customers ought to lookup help numbers in beforehand verified communications, akin to previous emails or direct messages from the corporate, and evaluate them with present search outcomes. If a help consultant asks for private or banking info unrelated to the difficulty, dangle up instantly.
Manually navigating to an organization’s web site and accessing the help part (with out counting on search engines like google) also can assist keep away from hijacked sponsored hyperlinks. Verified hyperlinks can usually be present in trusted communications or on the corporate’s official social media profiles and Wikipedia web page.
