Malicious actors are using Google’s ad service to get browsers to click on what seems to be a legit Amazon advert, only to be redirected to a Microsoft Defender support scam, Bleeping Computer reports.
The Microsoft Defender scam site states that the device is infected with ads(exe).financetrack(2).dll malware, and it locks the user’s browser. On Amazon’s official URL, the advertisement shows as in a typical search result. However, clicking it redirects to a scam “alert” from Microsoft Defender.
The site lets the browser into full-screen mode, which makes it challenging to get rid of without ending the Google Chrome process. Additionally, relaunching Google Chrome after terminating the process will go on to force users to restore the closed pages, reopening the scam site.
Malwarebytes uncovered a similar scam in June 2022, where a seemingly official YouTube ad would redirect to the same tech support scam.
