Search
Close this search box.

When a top Google Search result is actually a scam

Share:

A recent incident involving Google search shows just how easy it can be to be duped by well-designed and well-executed scams.

A prominent American retailer’s customers were recently targeted, with normal-looking Google Ads turning out to be malicious redirects to tech scams!

The incident serves as something of a cautionary tale for everyone, from the humble individual to business executives. In an age where work computers are being used for nearly everything, the incident demonstrates that ultimately there is no replacing caution and prudence at the individual level.

Prominent cybersecurity blogger BleepingComputers recently covered this incident, in which a malicious Home Depot advertising campaign was used to redirect Google search visitors to tech support scams.

Google search ad scams are are nothing new, with campaigns for Amazon Prime, PayPal, and eBay having been carried out in the past.

The idea behind these scams is simple: These ads look like legitimate campaigns for a company, no less than showing their standard URL when you hover over them. Unsuspecting people can be easily tricked into clicking on them.

As the screenshot below from BleepingComputers shows, the ad states it is for “www.homedepot.com”, and hovering over it, one appears to see a legitimate URL.

Home Depot ad in Google Search
Home Depot ad in the Google search scam

However, when visitors click on the ad, they are redirected through various ad services until they eventually reach a tech support scam.

Redirects from Google ad to tech support scam
Redirects from Google ad search to tech support scam

Ultimately, users land at a page showing a “Windows Defender – Security Warning” tech support scam. This scam will repeatedly open the Print dialog box, as shown below, which prevents the visitor from easily closing the page.

Tech support scam shown by clicking on the Home Depot ad
Tech support scam shown by clicking on the Home Depot ad

To make it more difficult for security professionals to diagnose, the scam is only redirected to once every 24 hours (to the same IP address).

Many people who are not familiar with the internet or the sorts of scams they may fall victim to are especially liable to fall for these incidents. The elderly fall into this category, among others.

In the most egregious cases, users are tricked into allowing remote access to their computer where the scammers install programs such as Lock My PC. The scammers then state that the caller must purchase a support package to unlock Windows.

That’s a long, long way way to end up from a Google Ad!

To avoid these types of ads, BleepingComputers said it as well as it can be: “Users are advised to pay more attention to Google search results to not click on ads instead of the legitimate search page result for the company”!

Picture of Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →