Summary: A recent Malwarebytes report reveals that cybercriminals are targeting Semrush, a prominent SaaS platform, by impersonating its ads to gain access to users’ Google accounts. The attackers deploy malicious ads featuring various domain names to redirect users to fraudulent login pages designed to harvest credentials. This operation poses significant risks as compromised Google accounts can lead to the theft of critical business data from Google Analytics and Google Search Console.
Affected: Semrush, Google Accounts
Keypoints :
- Cybercriminals are exploiting the popularity of Semrush, used by many Fortune 500 companies, to target users.
- The campaign involves impersonating Semrush through malicious ads, redirecting users to fake login pages.
- Compromised accounts can leak confidential data and enable further fraud against businesses by leveraging stolen information.
Source: https://securityonline.info/semrush-impersonation-scam-targets-google-ads/