March 15, 2023

Warning: False Google Ads spreading malware

VUMC’s Enterprise Cybersecurity (VEC) team is issuing a new warning about recent Google Ads that potentially spread malware. These reported Google Ads are specific to recently search applications, such as Grammarly or Ring. These scams can be disguised as a legitimate company and may even depict an identical company website. However, once an individual tries to download the application, malware is installed instead.

The following applications have been reported or observed as a threat when displayed as a Google Ad.

·       Grammarly ·       μTorrent
·       MSI Afterburner ·       OBS
·       Slack ·       Ring
·       Dashlane ·       AnyDesk
·       Malwarebytes ·       Libre Office
·       Audacity ·       Teamviewer
·       Thunderbird ·       Brave


Here is how you can protect yourself against false Google Ads:

  1. Ensure your browser has the ad-blocker turned on, which should remove ads based on your search history.
  2. Avoid clicking on the first search result, especially if it indicates it’s “promoted” or an “ad”.
  3. Review your results until you find the official site for the application you’re looking for.

For additional resources and help regarding malware from Google Ads, reach out to the Help Desk at 615-343-HELP (3-4357). If you suspect that your computer has been infected by malware, ask the Help Desk to put in a ticket using the Configuration Item (CI): VEC-SOC-MALWARE.