Threat Alert: What to Watch For

• Cybercriminals are abusing Google Ads to have links to malicious web pages appear at the top of Google’s search results as sponsored links. These malicious links are tagged as “Ad” by Google. 
• These web pages are made to imitate the software download pages for popular software utilities and applications. Downloading software from these imitation sites leads to the installation of malware on the device.  
• Attackers create URLs for their lookalike sites that closely resemble the URLs of the legitimate download sites. For example, attackers may switch out letters that can resemble each other at a quick glance, such as a “0” for an “o” or a “5” for an “s.”  

Tips to Remember (at Work and at Home)

• Follow approved software installation processes. If you need to download or update a specific software utility or application, follow the UCSF approved method.
• Be aware of potential lookalike web pages. When downloading software from the internet, always look for signs of potential web page impersonation. Be sure to check the URL carefully. Some imposter sites use URLs that very closely resemble the legitimate URL.

• Install a reputable, well-researched mobile antivirus app. If you inadvertently download malware, an antivirus app can help to identify it and alert you to problems. Mobile security apps help to protect your device and personal information.