Google is facing issues with scammers who impersonate brands in their ads, leading to potential fraud. When users search for popular sites like Facebook, some top search results might redirect them to harmful websites. This problem arises from scammers who trick Google’s systems into thinking their malicious sites are legitimate.
This issue was highlighted by Justin Poliachik, a developer and TikTok creator. He noticed an ad that looked like it was from Facebook but actually led to a phishing site. He was surprised Google allowed such ads and learned that scammers can trick Google by showing something genuine to its trackers while directing regular users to fake sites.
Image: Justin Poliachik / TikTok
Security researchers at Malwarebytes Labs confirmed these findings. They explained that such deceptive practices, known as "malvertising," are becoming more common and damaging. Scammers manage to bypass Google's security by using techniques that differentiate between Google's bots and real users. They might show a legitimate site to the bots but redirect real users to fraudulent sites.
These scammers use sophisticated methods to hide their tracks within Google’s ad system. They use legitimate-looking links that can change the destination based on who is clicking. For bots, the link might lead to the actual Facebook site. However, for a real person, it redirects to a scam.
Malwarebytes researchers believe that using more AI to check these links might not be the solution. They suggest that Google should use detailed information about the advertisers to identify legitimate ads. They could check the details provided in the ad, like the URL, and see if the destination matches the ad's claims.
Malwarebytes advises users to be cautious with sponsored search results, consider ad blockers, and learn to identify scam websites. They also recommend using browser extensions designed to protect against such threats. This advice comes as online security becomes a growing concern for many internet users.
Read next: Alphabet Attains 15% Growth In Q1 Earnings Report Thanks To Search And YouTube Amid Google's Plans For An AI Era
This issue was highlighted by Justin Poliachik, a developer and TikTok creator. He noticed an ad that looked like it was from Facebook but actually led to a phishing site. He was surprised Google allowed such ads and learned that scammers can trick Google by showing something genuine to its trackers while directing regular users to fake sites.
Image: Justin Poliachik / TikTok
Security researchers at Malwarebytes Labs confirmed these findings. They explained that such deceptive practices, known as "malvertising," are becoming more common and damaging. Scammers manage to bypass Google's security by using techniques that differentiate between Google's bots and real users. They might show a legitimate site to the bots but redirect real users to fraudulent sites.
These scammers use sophisticated methods to hide their tracks within Google’s ad system. They use legitimate-looking links that can change the destination based on who is clicking. For bots, the link might lead to the actual Facebook site. However, for a real person, it redirects to a scam.
Malwarebytes researchers believe that using more AI to check these links might not be the solution. They suggest that Google should use detailed information about the advertisers to identify legitimate ads. They could check the details provided in the ad, like the URL, and see if the destination matches the ad's claims.
Malwarebytes advises users to be cautious with sponsored search results, consider ad blockers, and learn to identify scam websites. They also recommend using browser extensions designed to protect against such threats. This advice comes as online security becomes a growing concern for many internet users.
Read next: Alphabet Attains 15% Growth In Q1 Earnings Report Thanks To Search And YouTube Amid Google's Plans For An AI Era