A new scam tactic known as Search Parameter Injection Attacks has recently affected major brands like Netflix, Microsoft, Bank of America, Apple, Facebook, PayPal, and HP.
What is happening:
- Scammers buy search ads that look legitimate (e.g., “Netflix Support”).
- These links lead you to the real website—but with malicious URL parameters.
- Because the site fails to sanitize inputs properly, it displays the fake support number from the URL embedded in its own search results.
- You might then call the bogus number, thinking it’s official support.
Why this helps scammers:
- You’re on a genuine site (like netflix.com) with the real layout and URL.
- The fake number may even include country codes and spacing (URL-encoded as %2B and %20), making it look official.
- It’s nearly impossible to spot unless you’re specifically looking at the URL.
How to stay safe:
- Never call phone numbers from search results or sponsored links.
- Use official company contact pages or verified channels (e.g., the company’s own support portal, app, or social media).
- Check the URL carefully: excessive characters like %20 or phone numbers in the address bar are red flags.
- If something seems odd, close the tab and go directly to the company’s official site.
Always be cautious. If you’re ever unsure about a contact method, please reach out to UCOR Cybersecurity or the IT Helpline directly. Your vigilance helps keep you and UCOR safe.
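For anyone reviewing proxy or browser-history logs, the URL check described above can be automated. The script below is an added example, not part of the original notice; the host example.com, the sample URLs, the phone numbers and the wording list are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Phone-like run: optional "+", then 10-15 digits that may be split by
# spaces, dots, dashes or parentheses.
PHONE_RE = re.compile(r"(?<!\d)\+?\d(?:[\s().-]*\d){9,14}(?!\d)")
# Wording that tends to accompany a planted number (assumed list, tune locally).
LURE_RE = re.compile(
    r"\b(call|support|helpline|help\s*desk|customer\s*care|toll[\s-]*free)\b", re.I
)

def inspect_url(url):
    """Return one finding per query parameter that carries a phone number."""
    findings = []
    # parse_qsl percent-decodes values, so %20 becomes " " and %2B becomes "+".
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        match = PHONE_RE.search(value)
        if not match:
            continue
        # A bare digit run is more often an order or tracking ID than a phone
        # number, so report it only when support wording sits next to it.
        formatted = not match.group().isdigit()
        lure = bool(LURE_RE.search(value))
        if formatted or lure:
            findings.append({
                "param": name,
                "decoded": value,
                "number": match.group(),
                "lure_wording": lure,
            })
    return findings

def scan(urls):
    """Map each suspicious URL to its findings; clean URLs are left out."""
    results = {url: inspect_url(url) for url in urls}
    return {url: hits for url, hits in results.items() if hits}

# Constructed sample input (fictional numbers, placeholder host).
SAMPLE_URLS = [
    "https://www.example.com/search?q=Call%20Support%20%2B1%20202%20555%200143",
    "https://www.example.com/search?q=reset+password",
    "https://www.example.com/track?id=20240117123456",
]

if __name__ == "__main__":
    for url, hits in scan(SAMPLE_URLS).items():
        for hit in hits:
            print(f"SUSPICIOUS {url}\n  {hit['param']} = {hit['decoded']!r}")
```

Only the first sample URL is reported; the plain search and the numeric tracking ID pass through.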