Malwarebytes has spotted an advertising campaign in the wild that tricks users into clicking on what looks like a notification alert that actually hides a legitimate advert, therefore abusing both the advertiser and the ad network hosting the ad (Google Ads Services).
The rogue actors behind this fraudulent activity are cleverly leveragingĀ a European law on the use of cookies to seemingly prompt visitors to answer a question.

The law applies regardless of where the website is actually hosted. Any website that is using cookies for any purpose and is targeting European users, even if not solely, must ask consent from its users to store or retrieve information from their devices. (Source)

Malwarbytes has a complete breakdown of the attack and its implementation, with screenshots, on their blog.


Leave a Reply

Discuss this


Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.