Cybersecurity

8073 readers

127 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone number | Malwarebytes (www.malwarebytes.com)

submitted 1 month ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

7 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Warl0k3@lemmy.world 8 points 1 month ago (4 children)

Wait, so are they injecting the number into the actual legit support website, or does this only show up in the google search results as the wrong number, but following the link directs you to the legit site? The article is kinda unclear on which it is.

[–] m4ylame0wecm@lemmy.zip 9 points 1 month ago (1 children)

Heres thr gist I got from it: Scammer buys sponsored link, link has extra bits on URL.

Website operator's page loads, but blindly accepts extra info from the clicked URL (for prefilled search terms) and displays that in their own search bar's text input field.

The Apple and HP examples show this decently, the scammer text/phone number is just sitting as search input.

Blame whoever, but seems like this is on the website operators/developers as much as $boogeyManSearchEngine.

[–] Warl0k3@lemmy.world 1 points 1 month ago

That makes sense, thank you!

[–] HubertManne@piefed.social 2 points 1 month ago

The title makes is sound like that but its search site paid searches.

[–] Dolphinfreetuna@lemmy.world 1 points 1 month ago

My understanding is they buy sponsored ads, the link goes to a fake Netflix support site, and you call their phone number.

[–] seang96@spgrn.com 1 points 1 month ago

They attackers are using query parameter to fill in their support number on the official sites search bar, adding ?q= to the end of the URL.