Adblock Plus and (a little) more

New phishing scam alert: Malicious search ads · 2025-05-05 08:59 by Rean Marie Thomas

Cyber criminals are getting smarter—and sneakier. The FBI recently issued a Public Service Announcement warning of a surge in phishing attacks where fraudsters imitate legitimate websites through search engine ads. These malicious ads are cleverly designed to mislead you, steal your credentials, and redirect your hard-earned money.

Here’s what you need to know—and how to protect yourself.

The scam: Fake ads that look real

Online phishing is a type of cyber fraud where criminals trick people into revealing sensitive information (i.e., passwords, credit card numbers, or login credentials) by pretending to be a trusted organization through fake emails, messages, or websites.

Imagine you’re trying to log into your payroll or health savings account. You type the name of the service into a search engine, and at the top, you see a sponsored link that looks exactly like what you’re looking for. You click.

But instead of taking you to the real site, it lands you on a fake page—a nearly perfect replica designed to capture your login credentials. Once entered, your username, password, and even multi-factor authentication (MFA) tokens can fall into the wrong hands.

From there, the damage can snowball. Cyber criminals use the stolen information to:
  • Access bank and payroll accounts
  • Redirect direct deposits and payments
  • Steal personally identifiable information (PII)
  • Flood your inbox with spam to hide account compromise alerts

Tricks to watch out for

These phishing campaigns aren’t obvious and are designed to trick you. The ads may include:
  • URLs that closely mimic real addresses, are slightly misspelled, or replace a letter with a number.
      Example: payr0ll.company.com instead of payroll.company.com
  • Visually accurate login pages, including logos
  • Social engineering calls pretending to be from your bank or IT support

One chilling tactic? A fake support call asking you to read them your One-Time Passcode (OTP), claiming there’s a “security issue.” Once obtained, they can access and manage your account.

How to protect yourself (and your money)

Good news: there are simple steps you can take to stay safe.

Smart browsing habits

  • Type URLs directly into your browser’s address bar instead of clicking on search results or ads.
  • Use bookmarks or favorites to access important login pages. Double-check URLs for slight misspellings or unfamiliar domain names.
  • Scroll down past the “sponsored” links to the real search results

Use an ad blocker

Ad blockers like Adblock Plus are your first line of defense. By hiding deceptive ads from search engines, they drastically reduce your chances of accidentally clicking on a phishing site.

Plus, you get a cleaner, faster, and safer browsing experience.

Don’t share your multi-factor authentication codes

MFA codes are designed as an extra layer of protection from scams.
  • Never share MFA codes with anyone—even if they say they’re from your bank.
  • If prompted for your OTP on a suspicious page, pause and verify.
  • If you receive a flood of spam emails out of nowhere, it might be a cover-up for a compromised account—check your accounts immediately.

Take action if you notice anything suspicious

If you believe you’ve interacted with a fake ad or phishing site:
  • Report it to the FBI’s Internet Crime Complaint Center
  • Contact your financial institution immediately to freeze or reverse fraudulent transactions

    Quick action and extra vigilance can make a major difference.

    Stay one step ahead

    Phishing scams are becoming more sophisticated and prolific, but you don’t have to face them alone.

    Install an ad blocker like Adblock Plus today and reduce the risk of falling victim to deceptive search ads. For even more protection, consider Adblock Plus Premium to block cookie banners and automatically reject their third-party trackers. Powerful ad blocking and enhanced privacy online for a low monthly price that’s less than a cup of coffee from your favorite coffeeshop.

    Protecting yourself starts with awareness—and with tools that keep you safer online.

    Commenting is closed for this article.

Cookie preferences

We use some cookies to give you the best experience on our website. Read more

Cookie preferences

We use some cookies to give you the best experience on our website. By using our site you are aware that we are using cookies and you can change this any time. Learn more

Necessary cookies

Used to remember your privacy preferences. They cannot be switched off.

Tracking cookies

We use these to analyze website traffic.