Hackers somehow managed to get a phishing website to top of a Google ads campaign when somebody searches for the Bitwarden password manager.
The link goes to bitwardenlogin.com, which spoofs the real Bitwarden home page, which is bitwarden.com, and their real log-in page which is vault.bitwarden.com.
The spoofed site apparently looks totally authentic and accepts the user's Bitwarden log-in credentials and then redirects the user to the real Bitwarden log-in page. Too late! They've already stolen the user name and master password...
Read more at BleepingComputer which shows an image of the fake ad...
