Profile
Tech support scammers ar...
How Tech Support Scammers Are Hijacking Real Websites
June 21, 2025 -
3 minutes, 9 seconds
How Tech Support Scammers Are Hijacking Real Websites
Tech support scammers are taking their tactics to a dangerous new level by injecting fake phone numbers into real websites like Apple, PayPal, and Netflix. This alarming method, known as search parameter injection, tricks users into thinking they're contacting official support. It’s a deceptive cyberattack where scammers manipulate legitimate URLs to display fraudulent contact information. If you’ve ever searched for a support number and clicked on a top result, you could be at risk—especially if that result was a paid Google Ad redirecting you through a compromised link.
Fake Tech Support Numbers Now Appear on Real Sites
Cybersecurity researchers have flagged a growing trend where scammers exploit vulnerabilities in websites—specifically, reflected input vulnerabilities—to modify what users see in their browser. This includes swapping out real tech support contact information for fake numbers. Because the site’s domain appears authentic, even cautious users might be fooled. When victims call these numbers, the scammers impersonate brand representatives, pressuring users to provide personal details, payment information, or remote access to their computers.
Google Ads Fuel the Spread of These Scams
The primary entry point for these attacks is online advertising. Scammers purchase Google Ads targeting support-related queries for major brands. Clicking on one of these ads may take you to the brand’s actual site, but the injected URL parameters quietly alter content like the support phone number. It’s a clever trick: the web address looks right, but what you’re seeing has been tampered with behind the scenes. This makes it harder for everyday users to recognize they’re being duped until it’s too late.
How to Stay Safe from Tech Support Scams
To protect yourself from fake tech support numbers, avoid calling numbers listed through ad links and instead go directly to a company’s official support page. Look for HTTPS encryption, and double-check the actual URL in your address bar. Never give remote access or payment details to unsolicited callers claiming to be tech support. If something feels off, hang up and report it. Cybercriminals are evolving, but staying informed about these scams can help you stay one step ahead.
Related Posts
Photos
Contact Information
Suggested Writers
-
2.4K articles
-
1.3K articles
-
34 articles
-
28 articles








Comment