SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Rising fraudulent ads on search engines prompt calls for vigilance
Thu, 15th Feb 2024

Increasing numbers of fraudulent software ads are plaguing leading search engines, and the role of proxies in safeguarding brands and consumers has become paramount, according to cybersecurity and brand protection company Oxylabs.

Investigative journalist and cybersecurity blogger Brian Krebs recently reported on internet addresses hosting multiple domains easily confused with official software platforms. Krebs illustrated his point by comparing freecad-us[.]org with the legitimate site freecad[.]org, used for downloading open-source software FreeCad. Unfortunately, ads promoting such deceptive domains often appear above the genuinely top-ranked official sites when one searches for the software.

Vaidotas Sedys, Head of Risk Management at Oxylabs, acknowledged Google's ongoing struggle with malicious advertising. "Domains can present as legitimate for months before suddenly spreading harmful ads, making Google's task extremely challenging," Sedys said. He added, "Google recently updated its policy to make spreading malware through ads an egregious offence, leading to immediate advertising bans. The key issue is how effectively they can apply this policy."

The ineffective results of Google's efforts against malicious ads have raised speculation within the cybersecurity community. Many have questioned whether Google is unable or unwilling to remove damaging ads quickly, as doing so may impact potential profit.

V. Sedys suggested users must be vigilant when considering search engine results. "Check if the first result is sponsored, and compare the domain name with the first organic result," Sedys advised, "If the sponsored one is very similar, it's probably a scam. The new transparency policy from Google also allows users to check who ordered the ad, enabling them to determine if it's a legitimate competitor bidding on another brand's name or a dubious company warranting review."

This model of scam, manipulating trusted brands via Google ads, has started plaguing other industries, too. Shark Tank, for instance, had to rope in the non-profit Check My Ads to shield consumers from adverts misusing the brand to sell keto gummies. Check My Ads is now urging people to demand the VP of Global Ads at Google clarify why the scam wasn't addressed promptly.

V. Sedys emphasised the importance of active measures taken by renowned brands to protect their customers and their brand identity. He proposed the instrumental role of residential proxy infrastructure in this scenario. "Ads target specific countries, regions, or precise locations. Companies trying to detect every misuse and cybercrime involving their brand require a way to automatically inspect how ads appear to Google users in all these varying locations. That is precisely the purpose of proxy pools with diverse IPs."

Sedys further noted that residential proxies are essential tools used by cybersecurity enterprises and researchers to access search results organically, without affiliation to a data centre, university, or other organisation. He said, "To spot, report, and research various malware types dispersed through ads, you need to access search results globally, from an organic user's perspective."

With expected ad spending in the search advertising market anticipated to reach USD $306.70 billion in 2024, a segment of that investment will likely be made by crooks convinced of high returns from their investment. "Unfortunately, the reach of Google's ads is expected to keep attracting criminals," Sedys concluded, "Using automated solutions to constantly monitor search results is the only method to notably reduce risks to users and brand reputation."