Scammers trick over 500,000 victims with fake Google, Bing ads to steal personal info

Cybercriminals dubbed "Payroll Pirates" used fake Google and Bing ads to create spoofed payroll and HR platforms, tricking employees into entering their login credentials when searching for legitimate work sites. The scam targeted over 200 platforms and affected approximately 500,000 users, with attackers using Telegram bots to bypass two-factor authentication in real-time. After going dormant in late 2023, the operation returned in 2024 with upgraded phishing techniques and infrastructure spanning multiple countries.