Protecting Yourself from Sponsored Websites on Search Engines
Word to the wise: If you use search engines (such as Google) to find a website you need, scroll past the sponsored ad results at the top.
Scammers buy ads that impersonate the real companies you’re looking for — banks, retailers, credit-card companies, tech firms, and anyone else you might transact with.
According to the DOJ affidavit filed in support of the domain seizure, the criminal group perpetrating the bank account takeover fraud delivered fraudulent advertisements through search engines, including Google and Bing. The ads imitated the sponsored advertisements used by legitimate banking entities.
The FBI warns of cyber criminals impersonating financial institutions to steal money or information in Account Takeover (ATO) fraud schemes. The cyber criminals target individuals, businesses, and organizations of varied sizes and across sectors. In ATO fraud, cyber criminals gain unauthorized access to the targeted online financial institution, payroll, or health savings account, with the goal of stealing money or information for personal gain. Since January 2025, the FBI Internet Crime Complaint Center (IC3) received more than 5,100 complaints reporting ATO fraud, with losses exceeding $262 million.
Cyber criminals also use a technique known as Search Engine Optimization (SEO) poisoning. SEO poisoning refers to cyber criminals purchasing ads that imitate legitimate business ads to increase the prominence of their phishing websites by making them appear more authentic to customers who use a search engine to locate the business’ website. When users click on the fraudulent search engine ad, they are directed to a sophisticated fraudulent phishing site that mimics the real website, tricking users into providing their login information.
Once the impersonators have access and control of the accounts, the cyber criminals quickly wire funds to other criminal-controlled accounts, many of which are linked to cryptocurrency wallets; therefore, funds are disbursed quickly and are difficult to trace and recover. In some cases, including nearly all social engineering cases, the cyber criminals change the online account password, locking the owner out of their own financial account(s).
How to Protect Yourself
Stay vigilant! These criminals are counting on hastiness and distractions. Avoid sponsored ads that are “pinned” to the top of search engines such as Google. Go straight to the website if you know it (such as Amazon.com, then search within Amazon rather than searching for an Amazon item on Google). If you don’t know the website, if you need to use a search engine to research, scroll beyond the sponsored ads and pay attention to the sites offered.
What Bank3 is Doing to Disrupt Imitations of Our Bank
We have around the clock monitoring and highly sophisticated services that protect Bank3 owned domains from being impersonated. Should we ever locate a potential threat, we have services that take the sites down and remove the threat. As a good practice, we encourage all Bank3 customers to only visit our website directly by entering the full address in their favorite browser. Make sure you mark our official site as a favorite/bookmark.