
Microsoft advertiser accounts are getting hacked using Google ads

Hackers trick users into entering their credentials to gain access.


According to a Forbes report, hackers are targeting Microsoft advertiser accounts to steal login credentials and gain unauthorized access to the advertising platform.

Cybersecurity researchers at Malwarebytes uncovered how these attacks are carried out, revealing that cybercriminals use malicious ads on Google Search to harvest sensitive information from unsuspecting users.

Despite Google’s security measures, some sponsored ads contained malicious links that redirected users to fraudulent pages. Upon being contacted by Malwarebytes, Google highlighted its strict policies against deceptive ads. 

Google stated that it actively suspends advertisers’ accounts found violating these rules, including those associated with the reported attacks.

Microsoft advertisers targeted by phishing ads

Hackers use advanced cloaking techniques to avoid detection by bots, security scanners, and crawlers. These techniques ensure that only real users see the phishing page, while automated security systems are misled. 

If a visitor uses a VPN, the system redirects them to a “white page” with fake marketing content, concealing the scam from security tools.

However, legitimate users are taken to a cloaked phishing page that includes a fake “Are you human?” verification check.

Once the victim passes the check, they are redirected to a counterfeit Microsoft Ads login page hosted on a malicious domain.

This page mimics the real Microsoft interface and tricks users into entering their credentials.

The page also displays a fake error message urging users to reset their password, which adds to the deception. This is a common tactic designed to bypass two-factor authentication (2FA) protections.

This allows hackers to capture new passwords, potentially granting them full control over compromised accounts.

Jérôme Segura, Malwarebytes’ senior director of research, provided security tips to help users avoid falling for such scams:

  • Verify URLs before entering login credentials to ensure authenticity.
  • Use 2FA carefully, and always confirm authentication requests before approving them.
  • Monitor advertising accounts regularly for suspicious activity or unauthorized changes.
  • Report suspicious ads to Google to help prevent others from becoming victims.
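
The first tip, verifying the URL, can be automated in a proxy rule or a browser helper. The following is an added example, not code from the article or from Malwarebytes: it contrasts a substring test with an exact match on the parsed host. The trusted host list is an assumption to adjust to your own sign-in flow, and the sample URLs are constructed with reserved example domains.

```python
from typing import Optional
from urllib.parse import urlsplit

# Assumption: hosts this organisation accepts for Microsoft Ads sign-in.
TRUSTED_HOSTS = {"ads.microsoft.com", "login.microsoftonline.com", "login.live.com"}


def naive_check(url: str) -> bool:
    """Weak check shown for contrast: a substring test on the whole URL."""
    return "ads.microsoft.com" in url


def login_host(url: str) -> Optional[str]:
    """Return the normalised host of an https URL, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # strips userinfo and port, lowercases
    except ValueError:
        return None
    if parts.scheme != "https" or not host:
        return None
    return host.rstrip(".")


def is_trusted_login_url(url: str) -> bool:
    """Accept only an exact match of the parsed host against the allowlist."""
    host = login_host(url)
    if host is None:
        return False
    # Refuse non-ASCII and punycode labels, which can render as lookalikes.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False
    return host in TRUSTED_HOSTS


# Constructed sample URLs using reserved example domains.
SAMPLES = [
    "https://ads.microsoft.com/",
    "https://ads.microsoft.com.example.net/login",
    "https://ads.microsoft.com@example.net/",
    "http://ads.microsoft.com/",
    "https://ads-microsoft.example/signin",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{u:50} naive={naive_check(u)!s:5} strict={is_trusted_login_url(u)}")
```

The substring test accepts the first four samples, while the strict check accepts only the first.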

Google continues to monitor and take action against malicious ad campaigns, enforcing its policies to protect users. 


Ronil is a Computer Engineer by education and a consumer technology writer by choice. Over the course of his professional career, his work has appeared in reputable publications like MakeUseOf, TechJunkie, GreenBot, and many more. When not working, you’ll find him at the gym breaking a new PR.
