BEFORE you contact helpline support

We are now being repeatedly warned that legitimate infrastructure is being hijacked by attackers. This includes spoofed Google support addresses, Gmail passwords and even federal agency phone numbers.

Now there’s another such attack to beware.

Malwarebytes warns that scammers are crafting malicious search engine results that link to legitimate sites, such as Netflix or Microsoft, but then open a webpage that includes a search box with a dangerous phone number inserted.

If you call the number, the handler will pretend to represent the brand you called from, “with the aim of getting their victim to hand over personal data or card details, or even allow remote access to their computer.” If that brand is a financial firm such as PayPal or Bank of America, scammers will try to empty accounts.

The team says this could be called “a search parameter injection attack, because the scammer has crafted a malicious URL that embeds their own fake phone number into the genuine site’s legitimate search functionality.”

Users should watch for these red flags, in Malwarebytes’ words:

  • A phone number in the URL
  • Suspicious search terms like ‘Call Now’ or ‘Emergency Support’ in the address bar of the browser
  • Lots of encoded characters like the %20 (space) and %2B (+ sign) along with phone numbers
  • The website showing a search result before you entered one
  • The urgent language (Call Now, Account suspended, Emergency support) displayed on the website
  • An in-browser warning for known scams (don’t ignore this)
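The URL-side red flags above can be checked mechanically before a number is dialled. The following is an added example (not code from Malwarebytes, Netcraft or Forbes) that decodes a URL's query string and reports a phone number, heavy percent-encoding next to that number, and the urgency terms the list names; the sample URLs and phone number are constructed placeholders on example.com.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Urgency phrases taken from the red-flag list above (lower-cased for matching).
URGENCY_TERMS = ("call now", "emergency support", "account suspended")

# Loose phone-number shape: optional '+', then 10+ digits with spaces, dots,
# dashes or parentheses between them. Deliberately permissive: a false alarm
# costs a second look, a miss costs a phone call to the scammer.
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{8,}\d")


def url_red_flags(url: str) -> list:
    """Return the red-flag labels found in the query string of `url`.

    An empty list means none of the URL-side heuristics fired; it is not a
    guarantee that the page itself is safe (e.g. a pre-filled search box).
    """
    flags = []
    raw_query = urlsplit(url).query

    # Count percent-encoded bytes (%20, %2B, %28 ...) in the raw query.
    encoded_count = len(re.findall(r"%[0-9A-Fa-f]{2}", raw_query))

    # parse_qs decodes one layer; unquote again to catch double-encoding.
    params = parse_qs(raw_query, keep_blank_values=True)
    decoded = unquote(" ".join(v for vals in params.values() for v in vals))

    if PHONE_RE.search(decoded):
        flags.append("phone_number_in_url")
        # Many encoded characters sitting beside a phone number is the
        # "%20 ... %2B ... along with phone numbers" red flag.
        if encoded_count >= 3:
            flags.append("heavy_encoding_with_phone")

    lowered = decoded.lower()
    for term in URGENCY_TERMS:
        if term in lowered:
            flags.append("urgency_term:" + term)
    return flags


if __name__ == "__main__":
    # Constructed sample URLs; the phone number is a placeholder, not a real one.
    suspicious = ("https://example.com/search?q=Call%20Now%20%2B1%20%28555%29"
                  "%20010-0199%20Emergency%20Support")
    ordinary = "https://example.com/search?q=netflix%20login"
    for u in (suspicious, ordinary):
        print(u, "->", url_red_flags(u))
```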

This follows another warning this week from Netcraft, that threat actors are “exploiting [search engine] tools to deliver scams more efficiently.” This is fast becoming more industrialized, with “a black market service designed specifically to help adversaries automate their exploitation efforts, often with devastating results.”

  • Credit for this article goes to FORBES