Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    You don’t have to explain everything to Claude anymore – it’s finally in your apps

    UK launches vulnerability research program for external experts

    Interlock ransomware adopts FileFix method to deliver malware

    Facebook X (Twitter) Instagram
    • Artificial Intelligence
    • Business Technology
    • Cryptocurrency
    • Gadgets
    • Gaming
    • Health
    • Software and Apps
    • Technology
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Tech AI Verse
    • Home
    • Artificial Intelligence

      AI chatbot Grok issues apology for antisemitic posts

      July 13, 2025

      Apple sued by shareholders for allegedly overstating AI progress

      June 22, 2025

      How far will AI go to defend its own survival?

      June 2, 2025

      The internet thinks this video from Gaza is AI. Here’s how we proved it isn’t.

      May 30, 2025

      Nvidia CEO hails Trump’s plan to rescind some export curbs on AI chips to China

      May 22, 2025
    • Business

      Cloudflare open-sources Orange Meets with End-to-End encryption

      June 29, 2025

      Google links massive cloud outage to API management issue

      June 13, 2025

      The EU challenges Google and Cloudflare with its very own DNS resolver that can filter dangerous traffic

      June 11, 2025

      These two Ivanti bugs are allowing hackers to target cloud instances

      May 21, 2025

      How cloud and AI transform and improve customer experiences

      May 10, 2025
    • Crypto

      3 LetsBONK.fun Ecosystem Tokens To Watch For the Third Week of July

      July 14, 2025

      Bank of England Chief Sounds Alarm on Big Bank Stablecoin Issuance

      July 14, 2025

      XRP Rally Is Being Driven By South Korean Traders

      July 14, 2025

      Analyst Says MicroStrategy Could Trigger a Bitcoin Cascade Worse Than Mt. Gox or 3AC

      July 14, 2025

      Pudgy Penguins (PENGU) Skyrockets as Justin Sun Joins the Huddle

      July 14, 2025
    • Technology

      You don’t have to explain everything to Claude anymore – it’s finally in your apps

      July 15, 2025

      UK launches vulnerability research program for external experts

      July 15, 2025

      Interlock ransomware adopts FileFix method to deliver malware

      July 15, 2025

      Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot

      July 15, 2025

      Malicious VSCode extension in Cursor IDE led to $500K crypto theft

      July 15, 2025
    • Others
      • Gadgets
      • Gaming
      • Health
      • Software and Apps
    Shop Now
    Tech AI Verse
    You are at:Home»Technology»Address bar shows hp.com. Browser displays scammers’ malicious text anyway.
    Technology

    Address bar shows hp.com. Browser displays scammers’ malicious text anyway.

    TechAiVerseBy TechAiVerseJune 19, 2025No Comments3 Mins Read0 Views
    Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Reddit
    Address bar shows hp.com. Browser displays scammers’ malicious text anyway.
    Share
    Facebook Twitter LinkedIn Pinterest WhatsApp Email

    Address bar shows hp.com. Browser displays scammers’ malicious text anyway.

    Not the Apple page you’re looking for

    “If I showed the [webpage] to my parents, I don’t think they would be able to tell that this is fake,” Jérôme Segura, lead malware intelligence analyst at Malwarebytes, said in an interview. “As the user, if you click on those links, you think, ‘Oh I’m actually on the Apple website and Apple is recommending that I call this number.’”

    The unknown actors behind the scam begin by buying Google ads that appear at the top of search results for Microsoft, Apple, HP, PayPal, Netflix, and other sites. While Google displays only the scheme and host name of the site the ad links to (for instance, https://www.microsoft.com), the ad appends parameters to the path to the right of that address. When a target clicks on the ad, it opens a page on the official site. The appended parameters then inject fake phone numbers into the page the target sees.

    A fake phone number injected into a Microsoft webpage.

    Credit:
    Malwarebytes

    A fake phone number injected into a Microsoft webpage.


    Credit:

    Malwarebytes

    A fake phone number injected into an HP webpage.

    Credit:
    Malwarebytes

    A fake phone number injected into an HP webpage.


    Credit:

    Malwarebytes

    Google requires ads to display the official domain they link to, but the company allows parameters to be added to the right of it that aren’t visible. The scammers are taking advantage of this by adding strings to the right of the hostname. An example:

    /kb/index?page=search&q=☏☏Call%20Us%20%2B1-805-749-2108%20AppIe%20HeIpIine%2F%2F%2F%2F%2F%2F%2F&product=&doctype=¤tPage=1&includeArchived=false&locale=en_US&type=organic


    Credit:

    Malwarebytes

    The parameters aren’t displayed in the Google ad, so a target has no obvious reason to suspect anything is amiss. When clicked on, the ad leads to the correct hostname. The appended parameters, however, inject a fake phone number into the webpage the target sees. The technique works on most browsers and against most websites. Malwarebytes.com was among the sites affected until recently, when the site began filtering out the malicious parameters.

    Fake number injected into an Apple webpage.

    Credit:
    Malwarebytes

    Fake number injected into an Apple webpage.


    Credit:

    Malwarebytes

    “If there is a security flaw here it’s that when you run that URL it executes that query against the Apple website and the Apple website is unable to determine that this is not a legitimate query,” Segura explained. “This is a preformed query made by a scammer, but [the website is] not able to figure that out. So they’re just spitting out whatever query you have.”

    So far, Segura said, he has seen the scammers abuse only Google ads. It’s not known if ads on other sites can be abused in a similar way.

    While many targets will be able to recognize that the injected text is fake, the ruse may not be so obvious to people with vision impairment, cognitive decline, or who are simply tired or in a hurry. When someone calls the injected phone number, they’re connected to a scammer posing as a representative of the company. The scammer can then trick the caller into handing over personal or payment card details or allow remote access to their computer. Scammers who claim to be with Bank of America or PayPal try to gain access to the target’s financial account and drain it of funds.

    Malwarebytes’ browser security product now notifies users of such scams. A more comprehensive preventative step is to never click on links in Google ads, and instead, when possible, to click on links in organic results.

    Share. Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Telegram Email
    Previous ArticleAfter RFK Jr. overhauls CDC panel, measles and flu vaccines are up for debate
    Next Article Smart TV OS owners face “constant conflict” between privacy, advertiser demands
    TechAiVerse
    • Website

    Jonathan is a tech enthusiast and the mind behind Tech AI Verse. With a passion for artificial intelligence, consumer tech, and emerging innovations, he deliver clear, insightful content to keep readers informed. From cutting-edge gadgets to AI advancements and cryptocurrency trends, Jonathan breaks down complex topics to make technology accessible to all.

    Related Posts

    You don’t have to explain everything to Claude anymore – it’s finally in your apps

    July 15, 2025

    UK launches vulnerability research program for external experts

    July 15, 2025

    Interlock ransomware adopts FileFix method to deliver malware

    July 15, 2025
    Leave A Reply Cancel Reply

    Top Posts

    New Akira ransomware decryptor cracks encryptions keys using GPUs

    March 16, 202528 Views

    OpenAI details ChatGPT-o3, o4-mini, o4-mini-high usage limits

    April 19, 202522 Views

    6.7 Cummins Lifter Failure: What Years Are Affected (And Possible Fixes)

    April 14, 202520 Views

    Rsync replaced with openrsync on macOS Sequoia

    April 7, 202520 Views
    Don't Miss
    Technology July 15, 2025

    You don’t have to explain everything to Claude anymore – it’s finally in your apps

    You don’t have to explain everything to Claude anymore – it’s finally in your apps…

    UK launches vulnerability research program for external experts

    Interlock ransomware adopts FileFix method to deliver malware

    Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot

    Stay In Touch
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    About Us
    About Us

    Welcome to Tech AI Verse, your go-to destination for everything technology! We bring you the latest news, trends, and insights from the ever-evolving world of tech. Our coverage spans across global technology industry updates, artificial intelligence advancements, machine learning ethics, and automation innovations. Stay connected with us as we explore the limitless possibilities of technology!

    Facebook X (Twitter) Pinterest YouTube WhatsApp
    Our Picks

    You don’t have to explain everything to Claude anymore – it’s finally in your apps

    July 15, 20252 Views

    UK launches vulnerability research program for external experts

    July 15, 20252 Views

    Interlock ransomware adopts FileFix method to deliver malware

    July 15, 20252 Views
    Most Popular

    Xiaomi 15 Ultra Officially Launched in China, Malaysia launch to follow after global event

    March 12, 20250 Views

    Apple thinks people won’t use MagSafe on iPhone 16e

    March 12, 20250 Views

    French Apex Legends voice cast refuses contracts over “unacceptable” AI clause

    March 12, 20250 Views
    © 2025 TechAiVerse. Designed by Divya Tech.
    • Home
    • About Us
    • Contact Us
    • Privacy Policy
    • Terms & Conditions

    Type above and press Enter to search. Press Esc to cancel.