icon

Digital safety starts here for both commercial and personal Use...

Defend Your Business Against the Latest WNY Cyber Threats We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you to choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deak daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Buffalo, New York
United States

Current Threat Data

Google Account Hijackers Target Victims Via Semrush Ads

Summary:
Security researchers have issued a warning about a new malvertising campaign that exploits fake Google ads for Semrush, a SEO and marketing platform widely used by businesses, to harvest victims’ Google account credentials and sensitive data. According to Malwarebytes, the threat actors behind the campaign are leveraging Google Search ads to impersonate Semrush, drawing unsuspecting users to a counterfeit Semrush login page. Notably, the fraudulent page only offers a "Log in with Google" option, prompting users to unknowingly hand over their Google credentials.

This is especially concerning because many Semrush users link their accounts to high-value Google services like Google Analytics and Google Search Console, both of which contain sensitive business data. Once compromised, attackers can access detailed insights into a company’s website performance, traffic sources, user behavior, and strategic marketing efforts. In addition to Google data, attackers can extract personal and financial information stored in Semrush accounts, including full names, business details, phone numbers, emails, addresses, and even the last four digits of stored Visa cards.

Security Officer Comments:
Malwarebytes warns that this data can be used for identity theft or social engineering attacks, such as impersonating the business to deceive vendors or partners into making payments to fraudulent accounts. The attackers may also use partial credit card data to launch follow-up scams. For example, posing as Semrush support, they could reference a legitimate-sounding billing issue to trick users into revealing full payment details, heightening the potential financial damage.

Suggested Corrections:
Recommendations include restricting account access, enabling two-factor authentication, using ad blockers, and carefully verifying URLs before entering login information. Organizations should also monitor for suspicious ad placements targeting their brand and educate staff on identifying phishing and impersonation schemes.


Link(s):
https://www.infosecurity-magazine.com/news/google-hijackers-target-victims/

https://www.malwarebytes.com/blog/news/2025/03/semrush-impersonation-scam-hits-google-ads

Contact Us for Threat Assistance
Back to Current Threats