Updated on November 6 with news of a dangerous new search engine attack.

With “tens of millions of dollars” stolen from “hundreds of thousands” of web users, a serious warning has just been issued to the billions of users of the most popular web browsers. Google has removed well-known websites from search results, but that won’t eradicate links elsewhere, on social media and messaging platforms. It is essential that all users know what to look for. Bottom line: you should not use these websites.

Human Safety Satori The researchers warn that the threat actors “directed traffic to fake web stores by infecting legitimate websites with a malicious payload. This payload creates fake product listings and adds metadata that places these fake listings near the top of search engine rankings for the items, making them an attractive offer to an unsuspecting consumer. “When a consumer clicks on the article link, they are redirected to another website, this one controlled by the threat actor.”

ForbesGoogle update error: Don’t change this new Play Store settingBy Zak Doffman

On the dangerous website itself, users would be directed to a legitimate payment processing platform to purchase the chosen product. That product would never arrive, of course, but they would surely take the money. While many consumers may be protected from the ultimate financial cost through credit card chargebacks, that is never guaranteed until a claim is investigated.

In the most recently discovered campaign, bad actors “infected more than 1,000 websites to create and promote fake product listings and created 121 fake web stores to deceive consumers… estimating losses of tens of millions of dollars over the past few years.” five years, with hundreds of thousands of dollars.” of victimized consumers.”

So what can you look for to prevent your money from disappearing into a black hole?

1. Product deals that seem too good to be true usually are; If a bargain is offered below market rates, don’t proceed unless you can verify the site.
2. Check consistency between website names and names that appear in pop-ups, payment processing windows, and the URL. This specific campaign infected legitimate websites and then redirected them to other locations.
3. Does the ordering process feel completely legitimate? Do you have address details auto-complete, for example, do you check the quality of the data you enter?
4. If it’s a website you haven’t used before, check the reviews carefully; remember that they may be fake and look for known reviews of the site.
5. Can you find the product on a well-known website, even if it is more expensive?

This campaign, dubbed “phish and ship” by the research team, included a number of sophisticated touches: metadata to rise to the top of search results, although Google has removed those known to be fraudulent. By infecting legitimate websites, in this case users would initially be lulled into a false sense of security, but the redirection to a fake web store is when alarm bells should start ringing.

You can find a list of all known fake websites heresome of which remain active despite known threats according to this latest report.

ForbesWhy you should buy a new Microsoft Windows PC in 2025By Zak Doffman

“This operation highlights the relationship between the digital advertising ecosystem and fraud,” says Satori. “Without the fake organic and sponsored product listings from threat actors, there would have been no traffic to the fake web stores and therefore no fraud. “A key takeaway from Phish ‘n’ Ships is that digital advertising can be dangerous and consumers should be careful when clicking to the next step in a digital journey.”

Users of the main browsers are victims of these types of attacks. The research team warns that “Phish ‘n’ Ships remains an active threat,” although Google’s removal has “partially disrupted” its threat. “Threat actors are unlikely to stop working without trying to find a new way to perpetuate their fraud.”

When it comes to unreliable search results leading to dangerous phishing attacks, there’s another nasty new twist that’s just come to light. Malwarebytes warns that “a new wave of phishing to obtain banking credentials is targeting consumers through Microsoft’s search engine. “A search query on Bing for ‘Keybank login’ currently returns malicious links on the first page and sometimes as the main search result.”

Microsoft’s share of search pales in comparison to Google’s, although as with its ongoing campaign to push Chrome users to Edge, it’s now putting its hands in its pockets to do the same with Bing. with a new drawing of 1 million dollars.

“Although Microsoft’s Bing only has about 4% of the search engine market share,” says Malwarebytes, “criminals are attracted to it as an alternative to Google. A particularly interesting detail is how a phishing website created just two weeks ago is already indexed and displayed before the official one.”

This dangerous new campaign has managed to inflate the search signals of new and malicious sites, tricking users into clicking on the top search results for common keywords. “A malicious link is displayed as the first result and pretends to be the Keybank login page… Attackers are abusing Bing’s search algorithms.”

Users who click on the links are redirected to malicious websites created for the campaign; This uses the official branding of the lure to further fool users. The intent is simply to collect identities, login credentials, and passwords. Attackers have even found ways to collect MFA codes to facilitate logins.

As with the “Phish and Ships” attack, this socially engineered manipulation of search results, along with behind-the-scenes trickery to move traffic from legitimate sites to malicious sites, is clearly effective and nets attackers millions.

ForbesMicrosoft upgrade decision: 50 million Windows users must act nowBy Zak Doffman

The concern for users will be the soon-expected rise in AI-based search, which is not only a threat to established search engines but also to users who do not have long-term defense mechanisms and ‘senses’. spider’ to see the attacks that are coming.

Ironically, we also just saw a phishing attack that claims to come from OpenAI itselfwhich emphasizes that point of the brave new world.

Buyers beware…