Facebook, Netflix, Microsoft Abused to Display Fake Support Numbers


A sophisticated scam is targeting major American companies such as Netflix, Microsoft, and Bank of America by manipulating legitimate websites to display fake customer service phone numbers. 

The technique, known as a search parameter injection attack, takes advantage of weaknesses in website search functions. Scammers insert malicious information into search parameters, causing fraudulent contact numbers to appear on real company pages. 

This approach is especially dangerous because victims see the official website address in their browser, giving the impression they are on a safe page. In reality, the content they view has been altered to include deceptive information, making the scam hard to detect without advanced security tools. 

How the Scam Works 

According to Malwarebytes, the attack begins with sponsored ads on Google. Scammers purchase ads that appear to represent trusted brands, which lead users to what looks like official customer support pages. 

These ads include harmful URL parameters that take advantage of vulnerabilities in the target websites’ search features. When users click these links, they are taken to the actual websites of companies like Netflix, Microsoft, Bank of America, PayPal, Apple, Facebook, and HP. However, the scammers have altered the URLs to make the websites show fake customer support numbers. 

Attackers use encoded characters such as %20 (space) and %2B (plus sign) in the URL to make their fake contact numbers display correctly. These modified URLs create search results that show the scammer’s phone number as if it were posted by the official site. The attack works because many websites fail to properly filter or sanitize search input before displaying it. As a result, the malicious content becomes visible within the site’s search results. 

The use of encoded characters helps the attackers bypass simple security checks. %20 allows spaces in phone numbers to appear correctly, while %2B makes plus signs show up properly in international numbers. 

How to Stay Safe 

Users should be cautious if they notice unusual details such as: 

  • Phone numbers appearing directly in the website URL 
  • Keywords like “Call Now” or “Emergency Support” in the address bar 
  • Excessive use of encoded characters in the web link 
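
The three warning signs above can also be checked automatically, for example by a mail or web filter that inspects links before they are opened. The following is an added example, not code from the original article or from Malwarebytes; the phone pattern, the encoding threshold, and the sample URLs on example.com are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Keywords named in the article; extend as needed.
LURE_KEYWORDS = ("call now", "emergency support")
# Loose phone pattern (assumption): optional "+", then 10-15 digits that may
# be separated by spaces, dots, dashes or parentheses. Long numeric IDs can
# also match, so treat a hit as a signal to review, not as proof.
PHONE_RE = re.compile(r"(?<!\d)\+?\d(?:[\s().-]*\d){9,14}(?!\d)")
ENCODED_RE = re.compile(r"%[0-9A-Fa-f]{2}")
MAX_ENCODED = 5  # assumed cut-off for "excessive" percent-encoding

# Constructed sample URLs (fictional 555 number, reserved example.com domain).
SUSPICIOUS_URL = ("https://support.example.com/search?q=Call%20Now%20%2B1"
                  "%20555%20010%200199%20Emergency%20Support")
BENIGN_URL = "https://support.example.com/search?q=reset+password"


def url_warning_signs(url: str) -> list[str]:
    """Return which of the article's three warning signs a URL shows."""
    parts = urlsplit(url)
    raw = parts.path + "?" + parts.query
    # Decode the way a search page would before echoing the term back:
    # %20 and "+" become spaces, %2B becomes a literal plus sign.
    decoded = unquote_plus(raw)
    signs = []
    if PHONE_RE.search(decoded):
        signs.append("phone_number")
    if any(keyword in decoded.lower() for keyword in LURE_KEYWORDS):
        signs.append("lure_keyword")
    # Count encodings on the raw form, since decoding removes them.
    if len(ENCODED_RE.findall(raw)) > MAX_ENCODED:
        signs.append("excessive_encoding")
    return signs


if __name__ == "__main__":
    for sample in (SUSPICIOUS_URL, BENIGN_URL):
        print(url_warning_signs(sample) or "no warning signs", "<-", sample)
```
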

Before calling any support number found through search results, users should verify it through official sources such as the company’s verified website or social media accounts. 

This scam highlights the need for improved website security and user awareness, especially when relying on online search to find customer support information. 
