And they are not alone in raising issues. Two years ago, the FBI warned about this type of scam being done through purchased ads, but nothing has happened since then. Security vendor Netskope recently reported that, according to its telemetry, phishing click rates will triple by 2024, with SEO poisons and malpractices part of the reason for the alarming increase, as cybercriminals move their operations outside the inbox.
For Strawberry, this has now led to changing the default search engine in Chrome to DuckDuckGo before Christmas, when the ad activity is also disabled as an additional safeguard.
“It’s a little weird because we ourselves depend on Google ads, so it might seem like we’re shooting ourselves. But there has to be a balance where they make sure they verify the ads and don’t allow the ads to be designed so that you enter a URL that isn’t what you end up with. It’s incredibly surprising,” said Belak.
Source link