Researchers have found the phony support phone number 805-206-2892 associated with this scam to be linked to a larger campaign involving several other companies, including Adobe, Amazon, Capital One, Netflix, and Verizon. In some instances, the fake support number has not been limited to Chrome extension reviews and has been posted on other sites, including brand forums and Reddit.
While this campaign has primarily affected Google Chrome users, researchers have recently identified a scam targeting users through Microsoft Bing’s search engine. Users searching for “Keybank login” will yield a malicious copycat page as the top result. This credential harvesting scam appears to abuse Bing’s search algorithm to appear above the official website in the search engine result pages.
Recommendations
- Exercise caution with information found in comments and reviews, even if it appears to originate from legitimate sources.
- Confirm contact information from verified and official sources.
- Submit account credentials only on official websites.
- Download applications only from official sources.
- Promptly uninstall affected apps.
- Immediately change credentials used to log into malicious apps.
