Sophisticated phishing scams are targeting ad industry media buyers through malicious Google Ads links, allowing hackers to infiltrate accounts and spend their funds on fraudulent ad campaigns.
Criminal rings worldwide, including groups suspected to be based in Brazil, Asia, and Eastern Europe, are placing fake Google Ads links that appear legitimate in search results.
Victims unknowingly enter their login credentials on phishing pages, granting hackers access to Google Ads accounts.
How it works:
Bait and switch: Fraudsters create deceptive sponsored links that mimic legitimate Google Ads login pages.
Credential theft: When ad buyers click these links and input their login details, the scammers gain account access.
Account exploitation: Hackers use stolen credentials to create phishing campaigns or run fraudulent click-based ads, funneling ad budgets back into their own operations.
Why we care. These phishing scams can compromise your Google Ads accounts, draining ad budgets and disrupting campaigns. Hackers are using stolen credentials to run fraudulent ads, which damages brand reputation and wastes resources.
Additionally, advertisers are often left to detect and report the breaches themselves, delaying resolution and compounding losses. Proactive security measures are crucial to protect assets and maintain trust with clients.
Details. Ad accounts with large budgets are prime targets, with hackers demonstrating expertise in disguising fraudulent campaigns as legitimate ones.
Malwarebytes estimates that thousands of Google Ads accounts have been compromised in recent months. Affected advertisers have reported significant financial losses and disrupted campaigns.