NEW SCAM ALERT!
- Lakshay
- Aug 20
Tech support scammers have developed a sophisticated method to inject fake phone numbers into official websites of major companies like Apple, PayPal, Netflix, Microsoft, HP, and Bank of America. This tactic exploits Google ads that appear at the top of search results for these brands' support pages. When users click on these sponsored links, they are redirected to the legitimate company website, but malicious parameters appended to the URL manipulate the site's search function to display fraudulent contact numbers as if they were official recommendations.
The scam, detailed in a June 2025 report by security firm Malwarebytes, bypasses common security advice such as checking the browser's address bar, since the page is genuinely from the trusted domain. Scammers purchase these ads, which only show the official hostname (e.g., https://www.apple.com), but include hidden query strings that trigger the injection. For instance, on Apple's site, the altered page might suggest calling a scam number for support, tricking users into believing it's authentic.
Jérôme Segura, Malwarebytes' lead malware intelligence analyst, noted that even savvy users might be fooled, as the page looks identical to the real one. The vulnerability stems from websites failing to validate these preformed queries, treating them as legitimate searches. Once victims call the number, scammers impersonate company representatives and coerce them into revealing personal information or payment details, or into granting remote access to their devices. This can lead to identity theft, drained financial accounts, or malware installation.
Prevention measures include avoiding clicks on Google ads entirely—opt for organic search results instead. Malwarebytes' browser extension now detects and alerts users to these injections. Additionally, always verify contact numbers directly from the company's official site without using search ads, and consider using ad blockers or security software for added protection. Awareness and skepticism are key to thwarting these evolving scams.
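One way a site owner or web proxy could flag the preformed search queries described above, as an added example that is not from the original post or from Malwarebytes. The regex patterns, function names, example.com URLs and fictional 555 numbers are all constructed assumptions.

```javascript
// Added example. Patterns, names and sample URLs are constructed assumptions,
// not Malwarebytes' detection logic or any vendor's code.
const PHONE_RE = /(?:\+?\d{1,3}[\s.\-]?)?\(?\d{3}\)?[\s.\-]?\d{3}[\s.\-]?\d{4}/;
const LURE_RE = /\b(call|support|helpline|toll[\s-]?free|customer\s+service)\b/i;

// Return every query parameter whose decoded value contains phone-like text.
function inspectUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { valid: false, host: null, findings: [] };
  }
  const findings = [];
  for (const [param, value] of url.searchParams) {
    // searchParams percent-decodes once; NFKC folds full-width digits to ASCII
    const text = value.normalize('NFKC').replace(/\s+/g, ' ');
    const phone = text.match(PHONE_RE);
    if (phone) {
      findings.push({ param, phone: phone[0], lure: LURE_RE.test(text) });
    }
  }
  return { valid: true, host: url.hostname, findings };
}

// A bare ten-digit search (an order number, say) is not enough on its own:
// require call-to-action wording next to the number before alerting.
function isSuspicious(rawUrl) {
  return inspectUrl(rawUrl).findings.some((f) => f.lure);
}

// Constructed samples: example.com host, fictional 555-01xx numbers.
const SAMPLES = [
  'https://www.example.com/search?q=Call%20%2B1-800-555-0100%20for%20support',
  'https://www.example.com/search?q=reset+password',
  'https://www.example.com/search?q=order+4155550123',
];
for (const s of SAMPLES) {
  console.log(isSuspicious(s) ? 'ALERT' : 'ok   ', s);
}
```

The same check can run over referrer or access logs to find ad landings that arrive with phone-number text already in the search parameter.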