Phishing, Threat Intelligence, Identity

Malvertising campaign targets Lowe’s employees

Malicious Google ads have been leveraged by threat actors to target employees of U.S. home improvement retail chain Lowe's as part of a new malvertising campaign, Cybernews reports.

Attacks involved the creation of several ads redirecting to spoofed versions of Lowe's MyLowesLife employee portal in a bid to compromise credentials from current and former workers, according to a report from Malwarebytes Labs. Threat actors also sought to evade hosting provider and domain registrar detection by using artificial intelligence-generated templates to establish the phishing sites. After seeking targets to input their sales numbers and passwords that are later exfiltrated, such phishing sites prompt users to answer a security question before redirecting to the legitimate MyLowesLife website that will ask for another login, said Malwarebytes researchers. Google has since removed the malicious ads, noted researchers, who urged all workers looking to use their respective employee portals to search their company's official website or bookmark the portal rather than using sponsored search results.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds