Phishing Scheme Doesn't Add Up for Local Victim

An online google search for a customer service number cost one local resident hundreds of dollars after clicking on a phishing ad designed to look identical to a legitimate social media website. The scam, known as “Google ad phishing” aims to trick people into clicking on malicious links by hiding them in Google search results. It can happen when users randomly search online for websites and contact information for goods or services like financial institutions, utility companies, and department stores.   

In this particular incident, the victim was having trouble with her business Facebook account and wanted to speak with a company representative. After entering her request in the Google search engine, she quickly clicked on the first “ad” at the top of the search page and was unknowingly led to a fraudulent site with a scam phone number for customer service. The victim called the number and someone pretending to be a Facebook representative advised he could help her if she would allow him access to her computer. Once the scammer successfully gained remote access, he asked for her cell phone number, texted her a code, and instructed her to enter the code into the computer. After completing the request, the cyber-criminal thanked the victim for her help and informed her he had just stolen her personal information and $435.00 from her bank account. The victim quickly checked her bank account and confirmed that $435.00 was withdrawn   and sent to a Bitcoin account.

While many legitimate businesses purchase online advertising in the form of Google AdWords to drive customers to their website, fraudsters also create advertisements of their own in order to replicate a reputable website.  Unfortunately, once a user clicks on the fake site, the cyber thief begins their deception.

To help you identify these fake ads, the Sheriff’s Office offers the following tips:

  • Check the website URL and make sure it is correct. Phishing sites appear correct but often contain a misspelling of the company name. They may also use a character or symbol to resemble a letter, such as the number “1” for the letter “L”.
  • Beware of pop-ups. If you go to a website that immediately displays a pop-up window asking you to enter your log in details it is likely you have entered a phishing site.  
  • Scan the content of the website for typos and grammatical mistakes.
  • If you are suspicious, enter a fake password. If it appears you have signed in, you are likely on a phishing site.
  • Report a phishing website or advertisement link to https://safebrowsing.google.com.

 For more information about this scam, contact the Sheriff’s Office Fraud Line at 258-3292.