Not too long ago, internet search giant Google was duped into hosting a fake search result for online shopping giant Amazon that actually led to malicious content, and now it’s happened again. This time around, the malicious ad was taken out on Google and looked to lead to the front page of Amazon, using a proxy script on their end to fool Google’s automated ad verification services. Google was notified about the ad fairly quickly by a prudent search user, and managed to track down the fake ad listing and take it down. It was up for a few short hours on Thursday, but due to its trustworthy nature and the popular subject matter it aped, it could possibly have led millions astray during its time on the web.
The actual malicious page that the link led to was hosted on GoDaddy, and the hosting service quickly took the page down after learning about it. The ad mimics a system error message, using information from your browser and OS to look somewhat convincing, and can kick the browser into full screen mode and mimic ransomware if you try to dismiss it. It’s a social engineering bid that hopes to see gullible users scammed into calling a listed phone number and paying for a service that will solve the computer issue that the popup claims the victim’s computer has.
As mentioned above, this is not the first time that something like this has happened, or even the first time that people trying to use Google to reach Amazon were specifically targeted. Unfortunately, the logic behind this tactic is pretty plain, which means that similar attacks will likely happen in the future, if attackers can find more creative ways around Google’s security measures. The target crowd for this attack is using Google to get to Amazon, which means that they’re likely either proceeding from within a browser that has Google set as the home page, or are simply typing “Amazon” into their address bar. In either case, this navigation tactic is inefficient compared to typing “amazon.com” directly into the address bar of any given browser, and is, anecdotally, usually employed by people who are less than proficient when it comes to computers and technology, making them potentially easy prey for scareware and other types of social engineering attacks.
