Facebook Whatsapp

🚨 Scammers Hijack Real Websites of Bank of America, Netflix & Microsoft to Display Fake Phone Numbers

Tags: cybersecurity, scams, search-parameter-injection, Bank of America, Netflix, Microsoft, tech-support-fraud, Malwarebytes, Jérôme Segura, phishing, browser-security

Fake support number displayed on legitimate site
Featured: Scammers inject fake support numbers onto official websites via search parameter injection

🔍 What’s Going On?

Researchers at Malwarebytes, led by Jérôme Segura, have discovered an alarming new scam technique: attackers pay for sponsored Google Ads that link to real sites (like Netflix, Microsoft, Bank of America, Apple, PayPal), but manipulate the URL to insert fake phone numbers into the site’s search results or help page—essentially hijacking legitimate domains without creating any clone sites :contentReference[oaicite:2]{index=2}.

🧠 How It Works

  1. Scammers bid on “support” related keywords (e.g., “Netflix support 24/7”).
  2. They craft URLs with malicious parameters that cause the brand’s search page to reflect the scam phone number.
  3. Victims click the ad and land on the real support page showing a fake help number.
  4. Believing it’s official, they call and are tricked into giving personal/financial details or granting remote access :contentReference[oaicite:3]{index=3}.
See the below example on Netflix
Featured: example on Netflix

🎯 Why It’s So Effective

  • The browser shows a legitimate domain—no phishing URL red flags.
  • The site layout is genuine, increasing trust :contentReference[oaicite:4]{index=4}.
  • Lack of input validation in site search functions (reflected XSS-like flaws) allows insertion of arbitrary phone numbers :contentReference[oaicite:5]{index=5}.

⚠️ What Happens if You Call?

Scammers impersonate brand support staff to:

  • Extract personal info, passwords, or financial data
  • Gain remote access to your machine
  • Drain accounts or install malware :contentReference[oaicite:6]{index=6}.

✅ How to Protect Yourself

  • Don’t trust ads for support numbers. Always navigate manually from verified domains.
  • Scrutinize URLs—beware of search queries or phone numbers in parameters, or encoded strings like %20, %2B :contentReference[oaicite:7]{index=7}.
  • Use browser defenses like Malwarebytes Browser Guard—it flags “Search Hijacking Detected” :contentReference[oaicite:8]{index=8}.
  • Verify support numbers via official emails, app menus, or physical documentation—not from search ads.
  • Hang up immediately if asked for remote access or personal information unrelated to your issue.

📋 SEO Technical Recap

  • Threat: Search parameter injection scams targeting top-brand support pages.
  • Brands affected: Netflix, Bank of America, Microsoft, Apple, PayPal, HP, Facebook.
  • Mechanism: Sponsored ads point to genuine domains but manipulate search inputs to display fake numbers.
  • User risk: Social-engineering, data theft, remote access exploitation, financial fraud.
  • Recommendations: Avoid ad-based support links, inspect URLs, block hijacked searches, verify numbers manually.

👉 Read the Full Malwarebytes Report

Dive deeper into this scam’s mechanics, see brand-specific examples, and view expert mitigation guidance—right from Malwarebytes:

👉 Full Malwarebytes Article: Scammers Hijack Websites

Stay alert. Always verify support channels directly.

Have Any Problem With Your Computer?

Got Computer Problems? We’ve Got the Solution!

Contact Us

Recent Post

Scroll to Top