Given Google’s popularity, scammers abuse its services for malicious ends. Bad actors are getting malicious ads onto the Google results page, and while the tactic isn’t new, this latest campaign aims to steal your Microsoft credentials.
Fake Microsoft Ads Are Stealing People’s Accounts
According to a report by Malwarebytes, the attack begins when someone searches for the Microsoft Ad program. Google serves up relevant sponsored links for the search term, and one of them is a fake copy of the Microsoft Ads website. It sports a different URL than the real website, which is usually a giveaway.
However, people are usually so trusting of Google’s search results that they blindly click the first result they see. And if the scammer is good enough, they can make their sponsored link look near-identical to the real thing, despite the strange URL.
The fake Microsoft Ads website has several measures to keep out unwanted visitors. For instance, if a bot tries to analyze it, or someone visits via a VPN, the website serves a fake landing page to throw them off the scent. And if you try to access the URL directly without going through the fake ad, it instead shows you a video of Rick Astley singing “Never Gonna Give You Up.”
However, if you visit via the Google ad, you’re presented with a fake Microsoft login page that asks for your username, password, and two-factor authentication code. If you hand these over, the scammers can use these details to steal your Microsoft account.
Because this attack targets people who want to use Microsoft Ads to advertise a product, there’s a good chance that you won’t see it. However, it is a good example of how these scams work, as they can impersonate pretty much any website. Check out our piece on Google ad scams for more information.