Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google's Top Search Result For 'Target' Was A Tech Support Scam (bleepingcomputer.com)

Posted by EditorDavid on from the right-on-Target dept.

An anonymous reader quotes BleepingComputer: Malicious ads displayed in Google search results for Target -- the US retailer -- redirected users to a tech support scam. The malvertising campaign was spotted on Friday by a US user who posted his observations to a StackExchange thread. The rogue ad appeared when users searched for the term "target," right at the top of all search results, [and] used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link. For example, in the rogue ad, the displayed link was "target.com," but users were redirected to "tech-supportcenter.us." Surprisingly, this got past Google's ad quality control service... The page users landed on was mimicking the style of Microsoft's real website, but was urging users to call a phone number to remove a non-existent "HARDDISK_ROOTKIT_TROJAN_HUACK.EXE" file.
The article points out the same thing happen in February when Google's top search result for Amazon was a spoof site with another tech support scam.

102 comments

  1. Who uses google? by Anonymous Coward · · Score: -1

    Smart slashdotters bing their searches.

  2. Happening on Google News also by mspohr · · Score: 4, Informative

    Noticed today on the news.google.com site that two "stories" under the "Health" section were gibberish (kind of like covfefe) and when I clicked on them one led to an online casino site and another to a "Canadian drug" seller. The news headlines appeared legitimate. Not as dangerous but still disturbing.

    --
    I don't read your sig. Why are you reading mine?
    1. Re:Happening on Google News also by Anonymous Coward · · Score: 1, Funny

      covfefe isn't gibberish, it is just too highly classified for anybody to be allowed to tell us what it means.

    2. Re:Happening on Google News also by Anonymous Coward · · Score: 1

      Yeah. Saw it too. Lead to spammy sites. No malware, though

    3. Re:Happening on Google News also by Killall+-9+Bash · · Score: 2

      If you want to find more tech support scams at the top of google search results, all you have to do is search for "can't install X", where X is some common piece of software. This has been going on for YEARS. Google doesn't care, because it makes them ad money.

      --
      "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
    4. Re: Happening on Google News also by Anonymous Coward · · Score: 0

      Actually it's the FSB's codename for Trump.

  3. Tar-jhay by mentil · · Score: 3, Funny

    People expecting to find Target, found themselves a mark.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
    1. Re:Tar-jhay by Anonymous Coward · · Score: -1

      Sixteen cousins of Pichai called in the family favour. "Hello sonny, we got you into Google, now pay up by turning a blinded AI eye to Uncle Rashid's call center..."

    2. Re: Tar-jhay by gweilo8888 · · Score: 1

      People expecting to find Target became one.

    3. Re:Tar-jhay by Anonymous Coward · · Score: -1

      Obviously you have no idea how unlikely it is that Sundar Pichai would have a relative called Rashid, you only see the colour of people's skins and make stupid assumptions from that.

    4. Re:Tar-jhay by MrMr · · Score: 0

      You mean, If Rashid were to marry Sundar's aunt, both their villages would be exterminated? Wouldn't that be a stupid assumption about tribalism?

  4. for fuck's sake by Anonymous Coward · · Score: 0

    I'm so fucking tired of these tech support filth.

    Once and for all, find those scumbags and kill them all.

  5. Who clicks ads? by Anonymous Coward · · Score: 1

    I always skip the ad results.

    1. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      Perhaps people searching for Target's website would click on an advertisement the search engine claims would direct them there?

    2. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      Congratulations. Maybe you can talk to all the 70+ year old patrons who come to my library to use the internet, and all of their friends who have computers at home, and the millions like them all over the country. They wouldn't know an ad from a legitimate search result if it reached out and punched their monkey through the screen. These people think that guy screaming BULLETIN 9:30 AM NEW YORK on the replica gold coin commercials is a government official warning them they'll be broke if they don't buy some bogus knock-off proof set. They're easily manipulated, and unlike you with your obvious incredible savvy and intellect, they do click the ads because they don't know any better.

      I nominate you to personally educate them all.

    3. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      A fool and his money are soon parted. Fuck them. It's in everyone's best interest to educate oneself to at least some basic level of competence. If you're too damned lazy to care you deserve what you get.

    4. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      I always skip the ad results.

      Who clicks on the top search results? Lazy people who are too fucking lazy to pay attention.

      And that applies to every generation, from Millennials to baby boomers.

    5. Re:Who clicks ads? by Reaperducer · · Score: 2

      Set up a cron job to send this comment to yourself when you're 60.

      --
      -- I'm old enough to have lived through six different meanings of the word "hacker."
    6. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      He won't make it to 60. He and his fellow Trump voters have condemned us all to early deaths, be it from natural disaster, war, or having to work 100 hour weeks to survive.

    7. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      To be fair here, a lot of ads do look like the surrounding site. In Google's case, to someone who doesn't know what they're doing, they might not even know they clicked on an ad.

      People should know better by now, yes. I don't know what part of the older generation's culture makes them so adverse to following a few relatively simple safety guidelines when online, but at the same time, Google should be more explicit in what items are ads. That part's on them. Change the background color at the very least.

      Native advertising in all forms should be illegal.

    8. Re: Who clicks ads? by Anonymous Coward · · Score: 0

      I always skip the ad results

      And you got bored of patting yourself on the back, so now you just stare at a mirror while you masturbate. Congratulations.

    9. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      Generally yes, that's a good policy, but if you search for target (or any other major company) and you get back results that look like:

      [ad]target blah blah ...

      target blah blah ...

      it seems reasonable for the average Joe to assume that they will take you to more or less the same place, particularly given that the only visible difference will be a tiny little [ad] prefix.

    10. Re:Who clicks ads? by gordguide · · Score: 4, Insightful

      Ordinary people don't realize that search is a skill.

      Not a difficult skill, but a skill none the less.

      They think that because they know how to click on a Google bookmark that they're done.

      Often you see someone asking a question on some forum. They claim they "Googled it" but found no answers. Every once in a while in some probably misguided attempt at helping the sad user, I "Google it" and present the answer to them in a followup post, which takes me more time to type than to search and discover.

      I don't select the top results, usually. I will dig three pages deep, at least, to find perhaps three or four promising summaries. I open them in a new window in the background without looking at them, until I've decided "I'm done, let's have a look" and then if I don't like the results, I'll rephrase the search terms. It's rare to get three or more good links on the first page result. Others might have different techniques and flexibility if you are not getting the right results is important. Try another engine, force the web to give you what you want somehow.

      But that's now how they use Google. And they don't know better.

      Other times I will be at someone's house or in public, and we might be talking about something, and they are at the helm and I suggest a search. When I look at the search terms they use, I am dumbfounded. There is no way they will get results with those terms. So people don't even know the first step, properly.

      You can help people to a certain extent, but I find they just revert to their old useless habits pretty much immediately. Nothing you can do about it, and many people and entities profit from it. Such is the web.

    11. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      Funny thing is, this isn't a new thing or skill really. I grew up without internet (and only 3 TV channels, how the world changed in 30 years) and we had a (ok, rather several types of - art, science, general) printed encyclopedia.
      You often had to find the right "search terms" there, too, and a search took you more than a few seconds, so it was well worth thinking it through first.
      I remember that not everyone had the skills to use an encyclopedia for finding answers either (of course using it like a dictionary to look up words you know is easy, though it did reveal people struggling with the alphabet - which admittedly included me for quite a while).

    12. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      It's not culture. Their perception just doesn't work (that way).
      If they type a letter and a modal dialog box pops up, they realize they can't type anymore, but they can have trouble finding/seeing the dialog box!
      It's this "take in the whole screen at once and find the critical points to look at" many can't handle.
      They can read the screen top to bottom, or they can look at special places like top right, but not this "complete list of everything on the screen in your brain".
      It's probably also why things moving is such a big problem. If they learned a spot by heart it's fine, but if it's somewhere else it becomes a needle in the haystack.
      And now that I just check what a mess Google made of the first page search results it's not wonder people get confused.
      Just look at it: wikipedia on the right, search bar and target.com content table on the left, then Twitter results, for some reason inside huge square boxes (wtf?!?), Facebook, pinterest, app store link and then images, and on the second page there is Twitter AGAIN.
      I mostly use DuckDuckGo because the "privacy" stuff Google needs you to accept pisses me off and I don't think the results themselves are better, sometimes worse, but at least they didn't make such an UNHOLY MESS of their search results page.
      I think it's time to move on from Google for search, they obviously fell victim to a deadly case of featuritis.

    13. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      Ayup - Google has become a clone of Altavista. Do a search and press Pg Dn four times, then look at the results.

    14. Re: Who clicks ads? by Anonymous Coward · · Score: 0

      Yes but how do you know you got the good results when you are researching a subject unknown to you ?

    15. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      There is no ad my wife wont click.
      There is nothing on the net she wont believe.

      Thinks Fox News is better than the bible she has never read.

    16. Re:Who clicks ads? by Ol+Olsoc · · Score: 1

      I mostly use DuckDuckGo because the "privacy" stuff Google needs you to accept pisses me off and I don't think the results themselves are better, sometimes worse, but at least they didn't make such an UNHOLY MESS of their search results page.

      This! Google's searches had become me needing to manually subsearch what they provided, and at least half the time I needed to go to the second page.A lot of their top results are hosted out, os they don't work for me anyhow. The lack of tracking is a bonus, although I take care of that via other ways as well.

      DDG isn't perfect, but at least it's a lot more useable.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    17. Re:Who clicks ads? by Anonymous Coward · · Score: 0

      This is exactly why you have the skill: you learned it before the Internet tried to make it so easy that the skill can no longer be learned.

      The Internet also rewards instant gratification over curiosity.

    18. Re:Who clicks ads? by roc97007 · · Score: 1

      I think that if people are prone to thinking anthromorphically, they should be told that The Internet Is Not Your Friend. It's really not. It's more like one of Lovecraft's Great Old Ones. Immensely powerful, but utterly alien, and just as likely to destroy you as to help you. Asking trivially worded questions and accepting the first answer (or, anything on the first page, usually) is almost always the wrong thing to do, and courts disaster. To have any chance of success requires some knowledge of how to phrase a request, and how to recognize which answers are gibberish, a trap, or truly helpful.

      Like you, I've been doing this for so long that I don't even think about using double quotes and ordering to narrow down results, and to be very skeptical of the answers. It surprises me occasionally that others don't know how to do this.

      --
      Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    19. Re: Who clicks ads? by Anonymous Coward · · Score: 0

      I am the original "Anonymous Coward" who spawned this thread, and quite a thread it became.

      Some really good points were made, and I thank you for your contributions.

      Some trolls made their obligatory appearances, some of whom need to refine their craft. "Masturbate in front of a mirror"? I would say "good one," but it wasn't.

      Overall result: original comment was a success.

  6. first poist by Anonymous Coward · · Score: -1

    We need to aadress its readers and the point more

    1. Re: first poist by Anonymous Coward · · Score: 0

      Hey, buddy. You forgot to renew your domain name. Careful or someone might nab it from ya!

    2. Re: first poist by FatdogHaiku · · Score: 3, Funny

      Hey, buddy. You forgot to renew your domain name. Careful or someone might nab it from ya!

      An excellent opportunity for a goat dealer on Christmas Island!

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  7. Not Very Surprising by Anonymous Coward · · Score: 1

    "used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link [...] Surprisingly, this got past Google's ad quality control service"
    How is it surprising that a feature used as intended got past QC?

  8. "Please disable adblocker, our ads are trustworthy by Anonymous Coward · · Score: 1

    Lol.

    Anyway, killing google's ads is easy. Killing the gratuitous anti-Trump propaganda mixed in with basically every google search (including a search for "Target"), not so much. I'd even settle for being able to turn off the "Top Stories" section that appears over most searches, which they seem to have coded in a filter-proof way (or I'm just a noob with custom filters). Someday I'll whip up a greasemonkey script to get rid of it, if nothing else.

  9. Most All Ads Hide The Destination Site by Anonymous Coward · · Score: 1

    Most all ads are as bad as link shorteners in that the final destination is hidden. On a related note, many links on the web these days are hidden / spoofed via javascript. It's beyond time for ad networks to assume some liability for hosting / distributing malware ads. One simply can't trust clicking on any ad. I emphasize this to others whenever the topic of computer security comes up. An ad blocker is increasingly a necessity.

    1. Re:Most All Ads Hide The Destination Site by RotateLeftByte · · Score: 1

      Just don't click on ads or shortened URL's. Doh!

      One bad short URL could land you in jail and on the sex offenders register for life (kiddie pron). Don't take chances.

      --
      I'd rather be riding my '63 Triumph T120.
    2. Re:Most All Ads Hide The Destination Site by KiloByte · · Score: 2

      How is that different from any other 302/303?

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  10. Quick..... by Anonymous Coward · · Score: 2, Insightful

    People are fucking idiots - but lets blame someone else

    1. Re: Quick..... by Anonymous Coward · · Score: 0

      Well, targets previous ciso is a fuckin moron

  11. Re: "Please disable adblocker, our ads are trustwo by Anonymous Coward · · Score: 0

    I couldn't agree more, everywhere you look. It's completely covfefe.

  12. hosts by TheRealMindChild · · Score: 3, Insightful

    0.0.0.0 googleadservices.com

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    1. Re:hosts by Anonymous Coward · · Score: 0

      Shhh, you'll awaken the hosts-file guy!

    2. Re:hosts by Anonymous Coward · · Score: 0

      0.0.0.0 googleadservices.com

      Found this:
      https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

  13. Re: "Please disable adblocker, our ads are trustwo by Anonymous Coward · · Score: 0

    It ruins it when your enemies laugh at the joke too.

    I suggest going back to "ORANGE BALD TURBOHITLER SMALL HANDS DRUUMMMPPPFFFF!!!"

  14. great idea by Anonymous Coward · · Score: 0

    >used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link.

    What could ever go wrong with a feature like that?

  15. Ran into this today... by __aaclcg7560 · · Score: 1

    When I got the pop-up message this morning, I thought it was from a French website that some asshat posted my picture. Must have came from somewhere else. The French website respected my DMCA takedown notice and took down my picture this afternoon.

    1. Re:Ran into this today... by Anonymous Coward · · Score: 0

      All anyone has to do is do a GIS for cdreimer_350.jpg. Since your misfiring brain decided to use the same name for different pictures, we get to see them all. Go DMCA Google, you loon!
      What brand of corset do you wear?

    2. Re:Ran into this today... by Anonymous Coward · · Score: 0

      Must have been one of those asshats who posts drunk late at night. Or have you finally learned about timezones?

    3. Re:Ran into this today... by Anonymous Coward · · Score: 0

      je pense que c'est ca. bon matin barbara lourde.
      http://hpics.li/884a286

    4. Re:Ran into this today... by Anonymous Coward · · Score: 0

      Barbapapa, Barbamaman, et Barbareimer!

  16. Not surprising at all. by Reaperducer · · Score: 2

    "Surprisingly, this got past Google's ad quality control service"

    Actually, it's not surprising if you've ever had to deal with Google's ad quality control service. It's worse than Dell support in the 90's.

    --
    -- I'm old enough to have lived through six different meanings of the word "hacker."
    1. Re:Not surprising at all. by Anonymous Coward · · Score: 0

      "Surprisingly, this got past Google's ad quality control service"

      Actually, it's not surprising if you've ever had to deal with Google's ad quality control service. It's worse than Dell support in the 90's.

      I would have assumed that Google doesn't have an ad quality control service. Since they seem to, I'm going to assume it's an algorithm that doesn't actually work very well, which given their history is probably correct.

    2. Re:Not surprising at all. by Anonymous Coward · · Score: 0

      Dell support in the 2010s?

    3. Re:Not surprising at all. by Anonymous Coward · · Score: 0

      I pointed out this giant hole in their quality control back when searches for "Internet Explorer" would pop up an ad for "The new version of Internet Explorer" which led to google.com/chrome. I'm no fan of Microsoft's web browsers, but deceptive advertising is evil!

  17. There are ADs on a web browser? by bigdady92 · · Score: 2

    Since when? Oh people still browse without an AdBlocker. Silly people.

    --
    Wheel of Time: Book by Book and Sumview (summary review) Bigdady92 style: http://bigdady92.blogspot.com/
    1. Re:There are ADs on a web browser? by Anonymous Coward · · Score: 0

      Since when? Oh people still browse without an AdBlocker. Silly people.

      Yes, they do, and even though I use an extensive hosts file and ublock origin with a bunch of additional rules, I don't want everyone else to.

      I want everyone else to keep funding all the websites out there, buy stupid shit, and get attacked by ad-based malware.

      Because if everyone blocked all the ads, the vector they use for annoying and attacking people would just change to affect me, which is unacceptable.

    2. Re:There are ADs on a web browser? by Anonymous Coward · · Score: 0

      Well spoken. Maybe there should be a filter so we adblock users don't see Slashdot stories that don't concern us.

    3. Re:There are ADs on a web browser? by Anonymous Coward · · Score: 0

      Maybe there should be a filter so we adblock users don't see Slashdot stories that don't concern us.

      There's already a slashdot mechanism for avoiding the comments for stories that don't concern you. Apparently you missed it.

  18. "be as evil as possible" by Anonymous Coward · · Score: 1

    Google use to have "don't be evil" as the code of conduct. Now the new code perhaps should be "be as evil as possible". They are doing all evil things in order to chase the ad money. Look at how they structured youtube playback, you can see how bad they are. Somebody also pointed out the timing they announced the TPU 2 hardware, isn't it too close to the coming out party of NVIDIA's Volta?

  19. Drone strike on American soil PROVEN by Anonymous Coward · · Score: -1

    Drone strike on American soil PROVEN

    Blast effects from Indianapolis explosion prove it was a military bombing.

    Jim Stone, freelance journalist, updated May 15 2014

    Initial report:
    Indianapolis blast caused by high velocity explosive
    There is little information coming out of Indianapolis, but all of what is coming out indicates that it was a high velocity detonation which occured a few feet off the ground.

    There is little concrete foundation remaining at the house the explosion happened at, which totally rules out gas. The lack of high definition photos is damning, we are getting nothing of the blast epicenter and only the debris in the streets. I managed to find a super high quality photo of the neighborhood that does not focus on the house where it originated, but it is clear enough overall to seem to show that the foundation is gone and there is only dirt. But there is so much rubble that it is really hard to tell what is there without a better photo. I am working on this now, and will update it later.

    I have received requests to explain the following photo better. When I mention the decompression damage, this is what I am trying to say. If you have a detonation from a military grade explosive, rather than a natural gas explosion, the shock wave that goes out from the blast is supersonic and forms a wall of bunched up compressed air as it moves outward. This creates a vacuum cavity in the heart of the detonation, which can go outward for several hundred feet. Air needs to rush backwards to fill that void after the blast wave has passed, and this creates an enormous suction after the intital blast that can cause significant damage in addition to the initial blast damage. So the arrows are pointing at windows, garage doors, and exterior walls of houses that got sucked off by this negative pressure wave. The fact that the houses I refer to had the external sheathing ripped outward, instead of being blown inward, proves that this was no gas explosion, which is subsonic, it was a detonation of military grade ordinance. Explosions are subsonic, detonations are supersonic, and detonations will cause the reverse pressure wave following the blast. Subsonic explosions will not. This is what I am referring to in the high res photo.

    Click the image to enlarge it.

  20. best place to report scams? by swell · · Score: 1

    from TFS: "posted his observations to a StackExchange thread..."

    What is the best place to report such scams? I don't want to have to create an account or fill out a stupid web form. I want an email address (that allows attaching screen shots, etc) for someone, some organization, some agency who can expedite a solution for the general public. Thanks.

    --
    ...omphaloskepsis often...
    1. Re:best place to report scams? by Anonymous Coward · · Score: 1

      If the problem is in Sweden, try the government consumer agency's Swedish web form or one of 15 other languages. For other EU and EES countries, try the tax funded NGO European Consumer Organisation.
      If you're a Yank, shut up and try not to be locked up as a traitorous commie, I guess.

    2. Re:best place to report scams? by Anonymous Coward · · Score: 0

      If you're a Yank, shut up and try not to be locked up as a traitorous commie, I guess.

      Shows what you know about America. We don't lock up traitorous commies, we elect them to office.

      Captcha: democrat
      It's like it's reading my mind.

    3. Re:best place to report scams? by Anonymous Coward · · Score: 0

      Why agency?
      Organization: abuse@google.com , together with the spammer's hosting provider's abuse address if you know it.
      Legally, in many countries companies are REQUIRED to read and respond (not answer, but address issues) timely to email to that address or they may become liable for any damages caused (too rarely enforced though, so smaller companies usually don't know that).

    4. Re:best place to report scams? by Anonymous Coward · · Score: 0

      Why does Chrome not accept the beuc.eu CA?
      And WTF is up with it not even telling you which CA that supposedly is?
      Hm, seems their SSL Certificate is completely bogus AND 1 year expired??
      How does THAT happen?

  21. LOL they are run by NSA shell companies by Anonymous Coward · · Score: 0

    That's why google let them rank so high for years.

  22. Mozilla to the rescue? by mrsam · · Score: 4, Interesting

    If the folks at Mozilla are listening, this is a golden opportunity to score some brownie points.

    It should be possible for a browser to detect when a click on an anchor tag gets intercepted by a javascript onclick that goes to a completely different URL, and for the browser to throw a big fat warning instead.

    Of course, nobody would expect for Chrome to do anything like this, since Google depends on this hostile and abusive practice for generating ad click revenue. But I would think that this would be a value tool for blocking potential exploits, and a thumb in the eye of Google.

    1. Re:Mozilla to the rescue? by KiloByte · · Score: 1

      Nope, features that would actually benefit the user get auto-WONTFIXed. And it's not a new thing.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:Mozilla to the rescue? by drinkypoo · · Score: 1

      Nope, features that would actually benefit the user get auto-WONTFIXed. And it's not a new thing.

      And that's the best example you could come up with? Just like the notes say, a user script can handle this efficiently for the minuscule percentage of users that need it. This is also true for the problem we're discussing now. Meanwhile, it's absolutely normal for webpages to intercept clicks to hrefs with a script. That's a common way, for example, to provide fallback functionality for users without javascript. The idea that you should bring up a warning every time it happens is patent nonsense.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Mozilla to the rescue? by Anonymous Coward · · Score: 0

      Maybe you should try reading before replying. Not "every time", but when the click "goes to a completely different URL". The link says "yahoo.com", and the onclick attempts to load "8hsdf800.info".

      Idiot.

    4. Re:Mozilla to the rescue? by Anonymous Coward · · Score: 0

      If it goes to a different domain I think a warning is more than justified...

    5. Re:Mozilla to the rescue? by drinkypoo · · Score: 1

      Not "every time", but when the click "goes to a completely different URL".

      You mean like when a script is delivered from a CDN?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    6. Re: Mozilla to the rescue? by Anonymous Coward · · Score: 0

      Right. Screw it. If I see a yahoo.com I expect to go there. If yahoo wants to deliver content from cdn.yahoo.com, wonderful. Put it in the fraking link. Is that too much to ask?

      If Firefox started warning and require a confirmation before loading an intercepted link, sure this could get annoying when following search results. So what? Makes people more aware of Google's clickjacking. Don't see a problem.

    7. Re:Mozilla to the rescue? by sootman · · Score: 1

      > It should be possible for a browser to detect when a click on an anchor tag
      > gets intercepted by a javascript onclick that goes to a completely different
      > URL, and for the browser to throw a big fat warning instead.

      It should be possible that a status bar would show you EXACTLY what you're about to click on (bonus: it should not be over-writeable by JavaScript) but OOPS TOO LATE FUCK YOU THAT SHIP HAS SAILED STATUS BARS ARE UGLY SO WE GOT RID OF THEM LOLOMGWTFQQB!!!!!111
      - Signed,
      All major browser makers

      --
      Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
    8. Re: Mozilla to the rescue? by Anonymous Coward · · Score: 0

      People would just leave Firefox faster, blaming the issue on them and saying "well Chrome doesn't do that". Doubt Firefox will do that.

    9. Re:Mozilla to the rescue? by tlhIngan · · Score: 1

      It should be possible for a browser to detect when a click on an anchor tag gets intercepted by a javascript onclick that goes to a completely different URL, and for the browser to throw a big fat warning instead.

      I believe NoScript's anti-clickjacking does it - it pops up a dialog saying your click would go somewhere else and you can see it with and without the clickjacking.

      The real question is - how in the world did someone install the onclick handler? If you're searching Google, all the data comes from Google so ...

    10. Re:Mozilla to the rescue? by Anonymous Coward · · Score: 0

      Install pale moon, mouseover a link on Reddit, click it, and watch the URL get hijacked by Reddit's maliciousness before taking you to the proper URL.

      If there is a contradiction between the status bar's contents and what actually happens when you click it, the site should have its domain seized.

  23. Worse than worthless by AndyKron · · Score: 1

    A search engine is worse than worthless if it allows this to happen.

    1. Re:Worse than worthless by Anonymous Coward · · Score: 1

      google is an advertising company.

      an advertising company is worse than worthless if it allows this to happen.

      and... this is entirely their fault.

      a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link

      what? they are actively supporting and encouraging the use of misleading advertisements and links.

      if you can't trust the largest online advertising company to keep you safe from malicious advertisements and links......

      just one more reason why adblockers are an essential security tool when online.

    2. Re:Worse than worthless by David_Hart · · Score: 1

      A search engine is worse than worthless if it allows this to happen.

      Well, that's how they started out, as a search company. They started accepting money to fudge the results to push those who pay to the top and created side ads. But Ad dollars are like crack, they got addictive. Now they post the ads on the op of the search instead of the results.

      By the way, they got rid of the "don't be evil" motto when they became Alphabet. Now it's "Do the Right thing". Which, if you think about it, is much more ambiguous because the right thing for shareholders isn't always compatible with the right thing for users.

      This is an example where the right thing for shareholders, charging lots of money for prominent ads that show up before every search, leads to the wrong thing for users, a first page with practically no good search results and one where Ad hijacking is easy....

  24. you fail It? by Anonymous Coward · · Score: -1

    KeEp unnecessary everY day...Like

  25. Google is an advertising company first by Anonymous Coward · · Score: 1, Insightful

    The faster the google/android fans recognize this, the better.

    1. Re:Google is an advertising company first by Anonymous Coward · · Score: 0

      Yes, but they aren't the only one.

  26. Google is far from perfect by Anonymous Coward · · Score: 0

    Surprise...?

  27. Not the top search result by Anonymous Coward · · Score: 0

    It's clearly marked as "Ad", so it's not a search result. Use an adblocker ffs.

    1. Re:Not the top search result by sabbede · · Score: 1
      For one, these results (happened with walmart and amazon as well) appear to be ads from the companies themselves. As for blockers, I use AdBlock and still ended up seeing and clicking a fake Walmart link.

      I was very annoyed by this and reported it to google in less than polite terms.

  28. Re:"Please disable adblocker, our ads are trustwor by jafiwam · · Score: 2

    Lol.

    Anyway, killing google's ads is easy. Killing the gratuitous anti-Trump propaganda mixed in with basically every google search (including a search for "Target"), not so much. I'd even settle for being able to turn off the "Top Stories" section that appears over most searches, which they seem to have coded in a filter-proof way (or I'm just a noob with custom filters). Someday I'll whip up a greasemonkey script to get rid of it, if nothing else.

    Just switch to Bing, DuckDuckGo, or one of the others.

    Google will straighten up or get replaced.

    Sitting around wishing they will get better on their own is a fool's errand.

  29. Oh shit! by wardrich86 · · Score: 1

    This is really interesting - I actually saw somebody search for American Express on Bing and end up on a different bogus website. I had no idea how they managed to pull it off, but now I think I have some idea of what happened...

  30. Not just Target by sabbede · · Score: 1

    Weeks ago I googled "walmart", and the top result was a support scam. I reported this to google, using the term "dumbass".

  31. target.com by Anonymous Coward · · Score: 0

    why does anyone have to use a search at all?
    If you can type the word "target", finish by adding ".com" and avoid the search engine BS altogether.
    If people can't figure out the internet even slightly, I certainly don't want them doing anything else that requires thought -like driving or trying to figure out complex things like kitchen appliances, light switches and doorknobs.

    1. Re:target.com by Anonymous Coward · · Score: 0

      Many people have Google's search engine as their starting page, with the query entry in focus; it's simply convenient to type there right away. If Google had prioritised doing no evil over maximising ad profit the top result, displayed as a link to the Target website, would in all likelihood pointed at the Target website; it would then have been convenient to just click on that.

  32. LOL Mozilla sold out a long time ago by Anonymous Coward · · Score: 0

    Ever since they were funded by Google to cripple itself.

    Few years ago Firefox used to have "ask to activate" option on plugins such as Flash, then they took it away so you're left with either "Never activate" or "Always Activate".

    I knew they sold out right then, and they've been crippling Firefox ever since.

  33. Google enables the scamming of the elderly by urbanriot · · Score: 1

    I don't know why Google isn't called on this by more people as it seems like it's common knowledge by techies that Google's first hits on a Google search are scam sites attempting to trick you into calling them rather than HP, D-Link, Microsoft, etc.. While the savvy folks on this site would subconsciously skip past these links, seniors are regularly calling these numbers to invite malicious scammers into their computers who then proceed to charge them recurring fees to maintain their computer.

    A friend of mine works for a local in-home computer service company and relayed a story of a woman that was paying around $3,000 a year for 'maintenance' from a scammer that started with her calling "D-Link" (I use quotes because it's a Google result not the real D-Link) because her internet provider, Cogeco, advised her to do this due to some UPNP vulnerability. She called them a few years back and was fleeced for years.

    Using Google right now, which geolocates me to Google Canada, if I Google search for "HP Phone number" the first hit is Google customer "HP Phone Number - Call (Toll Free) Phone Number - printerhelpdesk.usâZ". That's not Hewlett Packard. âZ

    1. Re: Google enables the scamming of the elderly by Anonymous Coward · · Score: 0

      Wait until they do this for visa, MasterCard, or your bank.

  34. Why does this even exist? by Solandri · · Score: 1

    used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link

    What possible reason does this "feature" have for even existing? The whole purpose of displaying a URL when you hover over a link is to tell the user where the link will take them. There's no legitimate reason to ever override that behavior.

    1. Re:Why does this even exist? by Anonymous Coward · · Score: 0

      >What possible reason does this "feature" have for even existing?
      It tricks people into clicking on advertisements, so advertisers pay Google more money - possibly even pay extra to be a top result for certain searches.

    2. Re:Why does this even exist? by Anonymous Coward · · Score: 0

      The same reason we have caller ID that may or may not show you the number calling you......

      So you feel like you are getting something others have no intention of letting go control of

  35. Soviet by hattable · · Score: 1

    I came here for a 'in Soviet Google, target is YOU!'...left dissapointed.

    --
    OMG facts!
  36. Search for "Walmart" was similar a few weeks ago by Anonymous Coward · · Score: 0

    For a short period of time on May 15th, searches for Walmart wound up with a malvertisement at the top of the page a few weeks ago.

    It looked identical to the legitimate Walmart ad and had walmart.com showing in the text of the ad. If you clicked on it, you were taken for a ride.

    It was fixed within hours.

    I do not know if the ad itself was bad or if the problem was on Wal-Mart's side. Either way, it got fixed fairly quickly.

    For anyone who wants to check their security logs for the morning and early afternoon of May 15th, 2017 CST (UTC-0600), here is the first part of the URL that the ad initially sent you to:

    https://www.google.com/aclk?sa=L&ai=DChcSEwiFtMT4q_LTAhWMNoEKHWh6D5sYABAAGg[remainder redacted]

    That same URL worked fine and sent me to the legitimate walmart.com web site after the problem was fixed.