When shopping online, your first move might be to type in the product you’re looking for into a search engine like Google. Then you simply click one of the first few links that appear in your search results.
While it may seem to be the simplest approach, cybercriminals are well aware of this and are taking advantage of its weaknesses.
Let’s go through exactly how they’re doing this and what you can do to avoid clicking on those malicious links.
With this report from February, we began tracking claims that malvertising is surging. Malvertising, short for malicious advertising, is a technique used by cybercriminals to distribute malware through online advertisements.
Here’s how it plays out. Scammers will typically purchase ad space on legitimate platforms such as search engines, social media sites, or popular websites and then insert malicious code or harmful links into those fake Amazon or Microsoft ads that look legit so that it’s the first thing you see when you search for something related to that ad. When you click on these ads or interact with them, you may be redirected to websites that host malware or are prompted to download files containing malicious software. That malware can harm your computer or allow the hacker to steal your personal information.
Because Amazon and Microsoft are both big companies that most people buy from, and the links are right at the top, the chances of those fake links getting clicked on are much higher. Plus, the links are designed to look like they’re coming directly from the website, so people may not think to do a little digging before clicking.
Look closely at the domain name in the link. Scammers often create fake websites with domains similar to popular or trusted ones, intending to deceive you. For example, they may replace letters with similar-looking characters or add extra words. Verify that the domain matches the legitimate website you intend to visit.
Take a close look at the website’s overall appearance, design and content. Poorly designed or unprofessional-looking websites could be indications of malicious intent. Look for typos, grammatical errors or suspicious content.
Hover your mouse cursor over the link (without clicking) to see the actual URL that appears in your browser’s status bar or tooltip. Verify that the displayed URL matches the link you expect to visit.
If you encounter a shortened URL, such as those created by services like bit.ly or tinyurl.com, exercise caution. These links obscure the original destination, making it difficult to assess their legitimacy.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER BY HEADING TO CYBERGUY.COM/NEWSLETTER
Understanding how scammers target their victims is half the battle. Make sure you always stay up on the most recent techniques and the schemes they are using. If you are unsure of the shopping site, Google the name and the word “scam.”
If you get an email or a text message asking you to click a link either to view a product or verify your information, don’t fall for it. Scammers use this technique all the time to try to fool you. They’ll even pretend to be a real high-ranking official from the IRS or some other government organization to try to scare you into falling for their schemes.
You always want to be careful with what you post on social media. Scammers are constantly looking for those who overshare because they feel like easier targets. Make sure you think twice before you post and watch out for any fake ads that might be posted to sites like Facebook and Instagram as well.
Some scammers will even go as far as to post fake reviews for a product to make it look like it’s a good one. However, you can avoid these fake reviews by using a site like Fakespot.com that grades the truthfulness of Amazon reviews. Check this website before trusting a random person online.
Consider using a browser that has built-in security features, such as phishing and malware protection. Browsers like Google Chrome, Mozilla Firefox, Microsoft Edge, Opera and Brave offer such functionalities.
Whenever possible, enable two-factor authentication for your online shopping accounts. This adds an extra layer of security by requiring a secondary verification method, such as a unique code sent to your mobile device in addition to your password.
Regularly update your operating system, web browsers and other software on your device. These updates often include security patches that address vulnerabilities and protect against known threats.
Having antivirus software running on your devices will make sure you are stopped from clicking on any malicious links or from downloading any files that will release malware into your device and potentially have your private information stolen.
See my expert review of the best antivirus protection for your Windows, Mac, Android, and iOS devices by visiting CyberGuy.com/LockUpYourTech
The biggest thing that I want you to take away from this article is to not just put all your trust into the first thing you see online. Simply stay alert. Trust me; you’d rather spend a little extra time online and get the product you want than click on something fake and risk your information getting stolen.
Have you seen any fake Amazon or Microsoft ads? How frustrating is it for you to have to worry about these fake ads? Let us know by writing us at CyberGuy.com/Contact
For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to CyberGuy.com/Newsletter
Copyright 2023 CyberGuy.com. All rights reserved.