According to the Federal Bureau of Investigation, cybercriminal groups are luring victims to phishing sites for financial institutions using search results and search engine advertisements in order to steal their login credentials.
The FBI said in a private industry notification (PIN) sent to the US private sector, “The schemes resulted in illicit ACH transfers amounting to hundreds of thousands of dollars in financial losses.”
Two variations of the scheme were carried out by the cyber criminals. The threat actor used search engine ads in the first version, but focused on the phishing site appearing in organic search results on its own in the second version.
To Read More: therecord.media