Connect with us

Google

Google gave a malicious advertisement top spot for ‘home depot’ searches

How does something like this get past Google?

google logo on search screen
Image: Unsplash

Adverts on the internet leading to malware or scams are nothing new, with users often quoting their prevalence as the reason they use adblocking software. It’s not that often that they appear in Google’s own Ad snippets in Search, but one got past Google’s watchdogs just this last week.

I mean, just look at the actual malicious advert below. It looks exactly the same as the normal Google Ads for Home Depot, even with trust ratings and excerpts. It’s the top result in search for “home depot” as well, so you’d be forgiven if you thought it was an ad from the official company.

google ad pretending to be for home depot but redirecting to malware
Image: Google via BleepingComputer

It’s not. Even mousing over the ad shows the correct www.homedepot.com URL, but clicking on it sends you through a tangled path of redirects, ad networks, and an eventual tech support scam site. That final site throws up a bevy of popups showing fake warnings from Windows Firewall, Windows Defender, and “Pornographic Spyware,” as if normal Spyware wasn’t enough.

Fine, you think. Closing all of that usually works to get away from whatever the scammer is trying to get you to do. This site does another trick, which is to open your system Print dialog, so it’s not as simple to close out your browser. Tricky, tricky.

Whoever is behind the scam also set it up so it only shows the scam site once per 24 hours to the same IP address, making it more difficult for any security professionals to sniff out. Any clicks after the first one get directed to the official website, not through the tangled web to the scam site.

That makes things harder for the less computer literate to know this is a scam, as they might expect the same behavior each click. Maybe they actually call the tech support number on the scam site, installing software onto their PC under the guise of help, which then lets the scammer steal passwords or other secret information.

The upshot of this is that even Google search ads can be circumvented, so the advice is to click on the search page results, instead of anything inside an Ad box. That might reduce Google’s revenue (Google will be ok, I promise), but it won’t be opening you up to the potential of malware.

Have any thoughts on this? Surprised Google let this slip through? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Google