🚨 Microsoft Advertisers Targeted in Massive Phishing Scam!

🔍 Cybercriminals Use Google Ads to Steal Microsoft Credentials

A dangerous malvertising campaign is tricking Microsoft advertisers by placing fake ads on Google Search! Users searching for “Microsoft Ads” are being redirected to phishing sites designed to steal their login credentials.

⚠️ How This Attack Works?

• Cybercriminals use sponsored ads that look legitimate.
• Clicking these ads redirects users to fake Microsoft login pages.
• Attackers steal passwords and two-factor authentication (2FA) codes to hijack accounts.
• VPN users are redirected to a fake marketing website to evade detection.
• If users visit the phishing page directly, they are rickrolled with a YouTube meme! 🤯

🌎 Who is Behind This?

Researchers found the phishing servers in Brazil, linking it to a previous Google Ads phishing scam hosted in Portugal. Attackers may also be targeting Meta advertisers using similar tactics.

📩 New Smishing Attack Targets USPS Customers

Hackers are also impersonating USPS in a separate SMS phishing campaign:

• Victims receive fake messages about failed deliveries.
• Clicking the link leads to a fake USPS website asking for address and payment info.
• Attackers use PDF obfuscation tricks to bypass security checks.
• The scam has already created over 630 phishing pages!

🚨 How to Stay Safe?

✅ Never click on sponsored ads—go directly to official websites.
✅ Verify URLs before entering credentials.
✅ Enable multi-factor authentication (MFA) for extra security.
✅ Beware of fake USPS messages asking for personal info.

🚀 Stay informed and protect yourself! 

#CyberSecurity #MicrosoftAds #GoogleAds #Phishing #Hacking #Malvertising #TechNews