ZDNet has come across a malicious ad that was spoofed to imitate a legitimate Amazon ad. Fortunately, clicking it didn’t serve malware; instead, it redirected users to a Windows tech support scam.
Fake Amazon Ad Sneaks Through Google’s Ad Network
The ad sat at the top of the search results and, more importantly, looked exactly like a sponsored ad served by Google. In their research, ZDNet used a tracer tool to examine the bogus Amazon ad, which was somehow served via Google’s ad network. Sneaky, right?
Users who interacted with the fake Amazon ad were hijacked and redirected to a page that detected their operating system. If the victim was using Windows, the page would display a Microsoft-themed BSOD (blue screen of death).
Mac users, on the other hand, were shown a message claiming they were infected by ransomware. Victims who tried exiting the page would be shown a pop-up window with a script that added random characters to the web address. This would most likely freeze both the browser and the computer, making the situation even more frustrating.
The fake Amazon ad is no longer available. Unfortunately, the scamming website appears to be still up and running. However, the researchers decided not to disclose it. Google hasn’t commented on the case, and Amazon hadn’t replied to ZDNet’s inquiry at the time the story was first published.
As we wrote recently, tech support scams, especially those over the phone, have tricked too many users into giving away personal and payment information, among other negative outcomes. Windows tech support scams appear to be the most popular ones.
Plenty of Windows users have received phone calls in which a friendly voice tells them that the caller has scanned their system and found malware. The scenario is always the same, and the end goal is getting access to the victim’s credit card details. In this case, it was a bad ad that sneaked through Google’s ad system.
I just encountered this fake Amazon ad again today and it hijacked my browser. I searched Amazon on Google and clicked the top link, which was an ad.