The scammers use a legitimate Salesforce CRM tool to fake emails from the Google Account Security Team. Some victims were asked to verify their 2FA, indicating the scammers aim to take over Google accounts.

Malwarebytes spotted a recent resurgence in malvertising, where threat actors are using deceptive ads to distribute malware disguised as legitimate software downloads. The campaign targets popular utility software such as Slack, Notion, and Calendly.

Android users are at risk of adware infections from MobiDash, which can be added to legitimate apps without changing their functionality. This adware, known for delayed activation, spreads through various channels including Facebook and adult sites.

A fake Disney+ activation page redirects to a pornographic scam, tricking victims by creating a fake Microsoft scanner claiming child abuse imagery on their computer. Scammers use SEO to place fraudulent sites in Google search results.

Two deceptive campaigns were identified recently using Google ads and Microsoft's infrastructure. The first scam involves a fake helpdesk page on Microsoft Learn whereas the second one hijacks Microsoft search queries through a Google ad.

This type of scam typically starts with a comment on a funeral home's Facebook notification, promoting a fake live stream of the funeral service or soliciting donations on behalf of the deceased family.

A new malware campaign has targeted numerous online stores, compromising their security by injecting digital skimmers that can steal credit card information during the checkout process.

The suspicious ad for Slack appeared legitimate but was likely malicious. Clicking on it would initially redirect to slack.com. However, after several days, it started redirecting to a click tracker, showing signs of a potentially malicious campaign.

Scammers have been targeting dozens of Google products through malicious search ads. They impersonated Google's product line and used Looker Studio to lock up Windows and Mac users' browsers.

A threat actor recently impersonated Google through a fake ad for the Google Authenticator, a popular multi-factor authentication program. This resulted in innocent users unknowingly downloading malware or falling victim to phishing scams.