Protect Yourself from Tech Support Scams: A Guide for Small Businesses

Understanding the Tech Support Scam Landscape

Protect Yourself from Tech Support Scams: A Guide for Small Businesses

Tech support scammers have developed a sophisticated method to inject fake phone numbers into official websites of major companies like Apple, PayPal, Netflix, Microsoft, HP, and Bank of America. This tactic exploits Google ads that appear at the top of search results for these brands' support pages.

When users click on these sponsored links, they are redirected to the legitimate company website. However, malicious parameters appended to the URL manipulate the site's search function to display fraudulent contact numbers as if they were official recommendations.

How Scammers Operate

The scam, detailed in a June 2025 report by security firm Malwarebytes, bypasses common security advice such as checking the browser's address bar. The page is genuinely from the trusted domain. Scammers purchase these ads, which only show the official hostname (e.g., https://www.apple.com), but include hidden query strings that trigger the injection.

For instance, on Apple's site, the altered page might suggest calling a scam number for support, tricking users into believing it's authentic.

The Risks of Falling for Scams

Jérôme Segura, Malwarebytes' lead malware intelligence analyst, noted that even savvy users might be fooled, as the page looks identical to the real one. The vulnerability stems from websites failing to validate these preformed queries, treating them as legitimate searches.

Once victims call the number, scammers impersonate company representatives. They may coerce victims to reveal personal information, payment details, or grant remote access to their devices. This can lead to identity theft, financial account drainage, or malware installation.

Prevention Measures

Avoid Clicking on Google Ads

One of the best ways to protect yourself is to avoid clicking on Google ads entirely. Instead, opt for organic search results. These results are less likely to lead you to fraudulent sites.

Use Browser Extensions

Malwarebytes' browser extension now detects and alerts users to these injections. Installing this tool can provide an extra layer of security while you browse.

Verify Contact Numbers

Always verify contact numbers directly from the company's official site without using search ads. This simple step can save you from falling victim to scams.

Consider Ad Blockers

Using ad blockers or security software can also enhance your protection against these scams. These tools help filter out potentially harmful ads and websites.

Stay Informed

Awareness and skepticism are key to thwarting these evolving scams. Stay informed about the latest tactics used by scammers. Knowledge is your best defense.

Conclusion

Tech support scams are becoming increasingly sophisticated. By understanding how they operate and implementing preventive measures, you can protect yourself and your business from these threats. Remember, always verify contact information through official channels and be cautious when clicking on ads.

For more information on how to stay safe online, visit Malwarebytes.

Stay vigilant and protect your personal and business information from tech support scams.