Summary: A new phishing campaign is targeting SEO professionals through malicious Google Ads that impersonate Semrush, aiming to steal Google account credentials. The attackers, believed to be a Brazilian threat group, focus on acquiring access to Google Ads accounts and sensitive business data linked to Semrush. This method mirrors previous operations, showcasing an evolving approach to cyber fraud within the digital marketing sector.
Affected: Semrush and its users, including SEO professionals and digital marketers.
Keypoints :
- A Brazilian threat group is targeting Semrush users to exfiltrate sensitive Google data through phishing.
- The phishing ads promote fake Semrush search results, redirecting users to look-alike domains.
- Users are advised to avoid clicking on sponsored Google Ads, bookmark trusted sites, and use password managers for security.