🐝 Never made Spelling Bee cuts? Then beware of this pitfall.

Published about 1 month ago • 2 min read

"Malvertising."

You can likely guess that's a term is a mash-up for "malware" and "advertising."

And it's been a rising problem for people searching online for popular software—especially for searchers who lean more on the typo-heavy side of the scale.

They'll come across a Google Ad that tricks them into clicking— and installing a Trojan (especially Trojan versions of Raccoon Stealer and Vidar).

These malware versions are sneakily hidden within Google advertising…

This bandit, if clicked, will then proceed to install malware on your device.

According to Guardio Labs, at first glance, the network of sites that have been developed by threat actors and promoted through Google Ads seems benign…or normal.

That’s because most of them are typo-squatted versions of popular sites.

However, once the ad gets clicked, the user gets whisked away to a phishing site.

A big "Gotcha!"

And the phishing site provides links to popular software, available for download.

However, the intent of these particular downloads is to expose the user to potentially damaging programs or unwanted applications.

Guardio has dubbed this campaign “MasquerAd.”

That's clever.

The phishing site that was found contains files hosted on Dropbox or OneDrive.

And those files are actually trojan-infected ZIP archives.

So how do you stumble over one of these fake sites?

One common trigger: searches with TYPOs!

Typos for software-searches such as AnyDesk, Grammarly, Malwarebytes, Dashlane, MS Visual Studio, Slack, Zoom, and MSI Afterburner can trigger those bad ads that take you to the phony sites.

Given that the gateway sites represent typosquatting, users are encouraged to ensure that their search queries are spelled correctly and examine sites extremely carefully to note any deviations from official design, look, feel, and branding.

If in doubt, visit the website of the software developer to do some additional research.

Also, if you see ads on websites you visit or on social media, consider typing in the name on the ad manually into the browser rather than clicking links.

Just triple check you spelled everything correctly before finishing the click.

Stay safe,

Your Dicar Networks Team

Many of our readers feel at ease knowing they're protected from malware and scams through our continuous network vulnerability assessment service. For just $80 a month, you can relax, knowing that we are constantly monitoring your network security.

If interested in having true confidence in your network's security, call us at (408) 850-6400 or simply reply to this email with "Assess My Network." (mention that you found us through this email)

Every business is different. That's why we give Tailored IT Solutions so you never have to overpay for tech-bloat.

Here’s how we can support your growth:

  1. Strategic IT Insights – Uncover productivity and growth opportunities with our Business IT Diagnostic Worksheet and Project Planning.
  2. Custom Managed IT Services – Gain peace of mind with IT solutions tailored to your specific requirements and budget.
  3. Next-Gen AI-Driven Security – Protect your business with AI-enhanced, cloud-based physical security, including smart cameras, access control, and environmental monitoring.

Ready to secure and streamline your business? Let's connect today and start building your path forward.

Dicar Networks Offices are located in Morgan Hill, and San Jose, California!

Corporate Office
295 E Dunne Ave #120
Morgan Hill, CA 95037
(408) 850-6400
sales@dicarnetworks.com

Dicar sells tech and supports businesses so they can focus on growth, instead of firewalls, physical security or tech problems.