Bottom line: A recent warning from Malwarebytes explains that users searching for tech support phone numbers can encounter fake contact information, even when visiting the official websites of major brands. Users should carefully examine any text that appears in a support site's search bar and treat sponsored Google search results with caution, or avoid them altogether.
Many people likely understand that they should verify URLs when visiting sites for banks, tech companies, and other critical services to avoid fraudulent links. While steering clear of links in suspicious emails is a well-known security precaution, hackers also frequently purchase sponsored Google ads that lead to fake websites designed to steal personal information.
However, the latest scam is even sneakier. Instead of creating fake websites, scammers inject false tech support numbers into legitimate sites by modifying parameters in sponsored search links. Search engines don't display the added text in the URLs, and official support pages don't block it, making the scam appear more convincing.
The scheme begins when users search Google for tech support numbers for major brands. Clicking on a top sponsored result leads to an actual support page, but the scammer's phone number appears in the site's search bar.
Unsuspecting users who call the number, thinking they've reached the company's call center, are instead connected to scammers attempting to steal account credentials or banking information. Malwarebytes reports that attackers have targeted support pages for Netflix, PayPal, Apple, Microsoft, Facebook, Bank of America, and HP. These hijacked search results are hardest to spot on Apple's website.
Malwarebytes says its Browser Guard extension can detect this tactic as a search hijack and warn users. Other red flags include phone numbers appearing at the end of legitimate URLs, excessive use of alarming language, encoded characters like "%20", and search pages showing results before users enter a query.
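The URL-level red flags above can be checked mechanically before a link is opened. The following is an added example, not code from Malwarebytes or Browser Guard: a heuristic that decodes each query parameter and reports those carrying a phone number, along with any alarming wording and percent-encoding. The word list, the digit-count threshold and the sample URLs are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# 10 to 15 digits with optional separators. Loose on purpose: long order or
# ticket numbers will also match, so treat a hit as "review", not proof.
PHONE_RE = re.compile(r"(?<!\d)(?:\+?\d[\s().-]*){10,15}(?!\d)")
PERCENT_RE = re.compile(r"%[0-9A-Fa-f]{2}")
# Assumed list of alarming phrases; tune it for your own environment.
URGENCY_WORDS = ("call", "urgent", "immediately", "helpline", "toll free")


def audit_url(url):
    """Return {parameter: [reasons]} for query parameters that carry a phone number."""
    findings = {}
    for pair in urlsplit(url).query.split("&"):
        if not pair:
            continue
        name, _, raw = pair.partition("=")
        value = unquote_plus(raw)  # decode %20 and '+' the way a browser would
        if not PHONE_RE.search(value):
            continue  # a phone number in a parameter is the primary signal
        reasons = ["phone-number"]
        if any(word in value.lower() for word in URGENCY_WORDS):
            reasons.append("urgent-wording")
        if PERCENT_RE.search(raw):
            reasons.append("encoded-text")
        findings[unquote_plus(name)] = reasons
    return findings


if __name__ == "__main__":
    # Constructed sample links; example.com and 555-01xx numbers are reserved for examples.
    samples = [
        "https://support.example.com/search?q=Call%20Support%20Now%201-800-555-0100&src=ad",
        "https://support.example.com/search?q=reset%20password",
    ]
    for link in samples:
        print(link, "->", audit_url(link) or "no phone number in parameters")
```

The fourth red flag, a search page showing results before the user has typed anything, is only visible in the rendered page and cannot be checked from the URL alone.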
To stay safe, users should look up support numbers in previously verified communications, such as past emails or direct messages from the company, and compare them with current search results. If a support representative asks for personal or banking information unrelated to the issue, hang up immediately.
Manually navigating to a company's website and accessing the support section (without relying on search engines) can also help avoid hijacked sponsored links. Verified links can often be found in trusted communications or on the company's official social media profiles and Wikipedia page.