In a public service announcement, the security agency’s internet complaints department says ad-blocking extensions can help to protect users against fraudulent online adverts that appear in search results. Cybercriminals are behind such ads that are made to look like messages from real brands and businesses, it says.
The dupes, which can sometimes appear at the top of a search results page, contain links to fake websites or malicious software downloads that try to pinch your login details or financial information.
By endorsing ad blockers, which scrub or hide content identified as ads from websites, the FBI is effectively giving the thumbs-up to a divisive tool that many internet publishers (including news sites) actively discourage visitors from using.
As such, its warning illustrates just how perilous the internet advertising environment has become. Online ad sellers such as Google and Microsoft are locked in a ceaseless duel with cybercriminals, who try to create thousands of accounts to bypass their security systems when purchasing ads.
Despite constantly scouring their services for scams using ad verification and certification policies, it seems that some fakes are still seeping through their nets.
In July, researchers from Malwarebytes found that bad actors were creating fake search ads that mimicked websites including YouTube, Amazon and Facebook. Earlier in the year, Google removed ads that impersonated the customer support accounts of internet providers including BT and Sky.
More broadly, there have been many scams in the UK since the start of the Covid-19 pandemic. These include phishing messages sent via email and SMS; cryptocurrency scams that falsely claim to be endorsed by celebrities; fraudulent calls from overseas; and fake offers around major shopping events such as Black Friday.
US security agencies are practising what they preach: the National Security Agency (NSA), Central Intelligence Agency (CIA), FBI and others in the US intelligence community are already reportedly using network-based ad-blocking technologies, according to a copy of a letter sent by Congress and shared with tech news site Motherboard.
The FBI’s other tips for staying safe online echo the advice offered by Trading Standards in the UK. These include checking the authenticity of an ad by making sure the URL it contains is free from typos and other errors, and searching for businesses and financial institutions by typing in their full website address.