Interesting new scam: address bar shows whatever .com, but the phone number lies!

Jun. 19th, 2025 12:38 pm
thewayne: (Default)
[personal profile] thewayne
Scammers have found an interesting trick via Google ads, and thus far it only seems to work with them, no other online ad company. They buy an ad, for example, for Microsoft.com, that says 'Call us toll free at 805-xxx-xxxx' and it pops up as a banner at the top of the page!

So you're browsing for whatever, and this page pops up and the URL looks completely legit, and there's a phone number just below the top of the page, do you trust it?

Well, looks like these days you shouldn't.

Might want to spread the word, and article, to your more gullible friends and older relations.

https://arstechnica.com/security/2025/06/tech-support-scammers-inject-malicious-phone-numbers-into-big-name-websites/
Tags:
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Date: 2025-06-19 10:18 pm (UTC)
From: [personal profile] ndrosen
I saw a suspicious email like that, and deleted it; I’m glad that I did.

Date: 2025-06-19 10:24 pm (UTC)
thewayne: (Default)
From: [personal profile] thewayne

This appears to be more of a web page thing, but I suppose it could appear in emails.

Date: 2025-06-19 11:26 pm (UTC)
disneydream06: (Disney Shocked)
From: [personal profile] disneydream06
I basically don't trust any pop up. :o
But thanks for this warning. :o
Hugs, Jon

Date: 2025-06-20 12:31 am (UTC)
moonhare: (Eisbär)
From: [personal profile] moonhare
That is alarming. I never call using numbers on web sites until I can verify them … this looks to be difficult to sort out (but not impossible).

Speaking of alarming, when researching cd rates I pulled in a banco Santander worm… I think that’s where it came from only because I was hitting Santander sites. The RAT was disguised as an HP application, though, but damned if I know all the details because where Norton hadn’t caught this, it was a random thought to run a SpyBot scan that eked it out and ‘destroyed’ it, hopefully. Damn scan had stopped immediately after finding it (6 minutes in) because the pc had hibernated at 5 minutes (my bad).

I’ve run multiple scans since, without incident, and changed applicable passwords.
Edited Date: 2025-06-20 12:33 am (UTC)

Date: 2025-06-20 01:33 am (UTC)
thewayne: (Default)
From: [personal profile] thewayne

It's not really a popup, just a banner showing at the top of the page.

Date: 2025-06-20 01:34 am (UTC)
thewayne: (Default)
From: [personal profile] thewayne

Wow, that sucks!  Amazing how nefarious and clever these bastards can be.

Date: 2025-06-20 01:55 pm (UTC)
disneydream06: (Disney Surprised)
From: [personal profile] disneydream06
Yeah, not a fan of those either. lol......

Date: 2025-06-20 05:20 pm (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
That seems like the kind of thing that would only affect engines that index search results of other sites or similar things that would allow someone to use parameters to inject the malicious material into the page. It seems like it would be a much better idea for the crawler to index the search page and nothing else into the results, but I am not the engineer at a multi-billion dollar ad company hungry for more ways of making sure they serve ads to everyone.

Date: 2025-06-21 02:24 am (UTC)
kaishin108: dog in vw by hwm (Default)
From: [personal profile] kaishin108
That is awful! Thanks for posting this.
  • Add Memory
  • Share This Entry
Threaded | Top-Level Comments Only

Profile

thewayne: (Default)
The Wayne
Spare Brains Games

July 2025

S M T W T F S
   1 2345
67891011 12
13 1415 16171819
20212223242526
2728293031  

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 18th, 2025 12:42 am
Powered by Dreamwidth Studios