Malware Campaign Masquerades as Tesla in Poisoned Google Ads

A malware operation has surfaced in the context of a complex cyber threat landscape, using tainted Google Ads to pose as Tesla and trick consumers into placing fictitious preorders for the unannounced Optimus humanoid robot.

Security researchers have identified multiple malicious domains mimicking Tesla’s official website, capitalizing on the electric vehicle giant’s history of accepting deposits for upcoming products like the Cybertruck.

These scam sites, appearing prominently in sponsored search results for queries such as “Optimus Tesla preorder,” redirect victims to cloned interfaces that solicit non-refundable $250 deposits, aligning closely with Tesla’s past preorder models to enhance credibility.

Unlike traditional phishing operations that harvest login credentials, these sites eschew authentication pages entirely, potentially to avoid detection and prevent users from verifying nonexistent orders, thereby delaying victim awareness until well after the initial transaction.

Fake Preorder Scams

The campaign’s technical infrastructure reveals a calculated ...