You click a Google ad and suddenly find yourself at a fake login page!

Over 500,000 people just lost their credentials to fake Google and Bing ads.

Key Takeaways:
Scammers built fake ads for payroll, HR portals, trading platforms using Google/Bing to steal logins and MFA codes. ([techradar.com](https://www.techradar.com/pro/security/scammers-trick-over-500-000-victims-with-fake-google-bing-ads-to-steal-personal-info))
They used real-time Telegram bots to capture one-time codes and hide their infrastructure. ([techradar.com](https://www.techradar.com/pro/security/scammers-trick-over-500-000-victims-with-fake-google-bing-ads-to-steal-personal-info))
The campaign resurfaced mid-2024 with upgraded tools to bypass two-factor authentication. ([techradar.com](https://www.techradar.com/pro/security/scammers-trick-over-500-000-victims-with-fake-google-bing-ads-to-steal-personal-info))

Here’s a scenario you might face at work. You see a sponsored Google ad for your payroll provider. It looks legit. You log in. Seconds later your account is compromised.

This really happened. A group dubbed Payroll Pirates tricked over 500,000 users with fake Google and Bing ads, spoofing payroll and HR platforms to steal credentials and MFA codes. The campaign hit 200+ platforms, used cloaked domains and real-time phishing bots. ([techradar.com](https://www.techradar.com/pro/security/scammers-trick-over-500-000-victims-with-fake-google-bing-ads-to-steal-personal-info))

Marcus the growing SMB leader — you want teams across offices to catch this before it’s too late. What you do is train everyone to always verify the actual domain and never trust search ads blindly.

Update your team’s phishing awareness today — claim a free simulated campaign.

https://www.techradar.com/pro/security/scammers-trick-over-500-000-victims-with-fake-google-bing-ads-to-steal-personal-info