JAKARTA - The Federal Bureau of Investigation (FBI) reports that cybercriminals are now using advertising services in search browsers to steal user credentials.

This ad service is used to disguise as a brand and direct users to malicious sites that host ransomware and steal login credentials and other financial information.

"Cyclists buy ads that appear in internet search results using domains similar to actual businesses or services," the FBI said on Twitter.

Then, when the user traces the business or service, the ad appears at the top of the search results. This ad is then linked to a web page that looks identical to the official business web page being imitated.

"In the case where users are looking for a program to download, the scam website has a link to download software that is actually malware. The download page looks legitimate and the download itself is named after the program the user wants to download," he added.

The FBI also claims that the ad has been used to emulate websites involved in finance, particularly cryptocurrency exchange platforms.

These malicious sites ask users to enter entry credentials and financial information, and then provide access to criminals to steal funds.

"Although search engine ads are not malicious, it is important to be careful when accessing web pages via advertised links," the FBI said.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)