Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google's Top Search Result For 'Target' Was A Tech Support Scam (bleepingcomputer.com)

Posted by EditorDavid on from the right-on-Target dept.

An anonymous reader quotes BleepingComputer: Malicious ads displayed in Google search results for Target -- the US retailer -- redirected users to a tech support scam. The malvertising campaign was spotted on Friday by a US user who posted his observations to a StackExchange thread. The rogue ad appeared when users searched for the term "target," right at the top of all search results, [and] used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link. For example, in the rogue ad, the displayed link was "target.com," but users were redirected to "tech-supportcenter.us." Surprisingly, this got past Google's ad quality control service... The page users landed on was mimicking the style of Microsoft's real website, but was urging users to call a phone number to remove a non-existent "HARDDISK_ROOTKIT_TROJAN_HUACK.EXE" file.
The article points out the same thing happen in February when Google's top search result for Amazon was a spoof site with another tech support scam.

47 of 102 comments (clear)

  1. Happening on Google News also by mspohr · · Score: 4, Informative

    Noticed today on the news.google.com site that two "stories" under the "Health" section were gibberish (kind of like covfefe) and when I clicked on them one led to an online casino site and another to a "Canadian drug" seller. The news headlines appeared legitimate. Not as dangerous but still disturbing.

    --
    I don't read your sig. Why are you reading mine?
    1. Re:Happening on Google News also by Anonymous Coward · · Score: 1, Funny

      covfefe isn't gibberish, it is just too highly classified for anybody to be allowed to tell us what it means.

    2. Re:Happening on Google News also by Anonymous Coward · · Score: 1

      Yeah. Saw it too. Lead to spammy sites. No malware, though

    3. Re:Happening on Google News also by Killall+-9+Bash · · Score: 2

      If you want to find more tech support scams at the top of google search results, all you have to do is search for "can't install X", where X is some common piece of software. This has been going on for YEARS. Google doesn't care, because it makes them ad money.

      --
      "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
  2. Tar-jhay by mentil · · Score: 3, Funny

    People expecting to find Target, found themselves a mark.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
    1. Re: Tar-jhay by gweilo8888 · · Score: 1

      People expecting to find Target became one.

  3. Who clicks ads? by Anonymous Coward · · Score: 1

    I always skip the ad results.

    1. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      Congratulations. Maybe you can talk to all the 70+ year old patrons who come to my library to use the internet, and all of their friends who have computers at home, and the millions like them all over the country. They wouldn't know an ad from a legitimate search result if it reached out and punched their monkey through the screen. These people think that guy screaming BULLETIN 9:30 AM NEW YORK on the replica gold coin commercials is a government official warning them they'll be broke if they don't buy some bogus knock-off proof set. They're easily manipulated, and unlike you with your obvious incredible savvy and intellect, they do click the ads because they don't know any better.

      I nominate you to personally educate them all.

    2. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      A fool and his money are soon parted. Fuck them. It's in everyone's best interest to educate oneself to at least some basic level of competence. If you're too damned lazy to care you deserve what you get.

    3. Re:Who clicks ads? by Reaperducer · · Score: 2

      Set up a cron job to send this comment to yourself when you're 60.

      --
      -- I'm old enough to have lived through six different meanings of the word "hacker."
    4. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      To be fair here, a lot of ads do look like the surrounding site. In Google's case, to someone who doesn't know what they're doing, they might not even know they clicked on an ad.

      People should know better by now, yes. I don't know what part of the older generation's culture makes them so adverse to following a few relatively simple safety guidelines when online, but at the same time, Google should be more explicit in what items are ads. That part's on them. Change the background color at the very least.

      Native advertising in all forms should be illegal.

    5. Re:Who clicks ads? by gordguide · · Score: 4, Insightful

      Ordinary people don't realize that search is a skill.

      Not a difficult skill, but a skill none the less.

      They think that because they know how to click on a Google bookmark that they're done.

      Often you see someone asking a question on some forum. They claim they "Googled it" but found no answers. Every once in a while in some probably misguided attempt at helping the sad user, I "Google it" and present the answer to them in a followup post, which takes me more time to type than to search and discover.

      I don't select the top results, usually. I will dig three pages deep, at least, to find perhaps three or four promising summaries. I open them in a new window in the background without looking at them, until I've decided "I'm done, let's have a look" and then if I don't like the results, I'll rephrase the search terms. It's rare to get three or more good links on the first page result. Others might have different techniques and flexibility if you are not getting the right results is important. Try another engine, force the web to give you what you want somehow.

      But that's now how they use Google. And they don't know better.

      Other times I will be at someone's house or in public, and we might be talking about something, and they are at the helm and I suggest a search. When I look at the search terms they use, I am dumbfounded. There is no way they will get results with those terms. So people don't even know the first step, properly.

      You can help people to a certain extent, but I find they just revert to their old useless habits pretty much immediately. Nothing you can do about it, and many people and entities profit from it. Such is the web.

    6. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      Funny thing is, this isn't a new thing or skill really. I grew up without internet (and only 3 TV channels, how the world changed in 30 years) and we had a (ok, rather several types of - art, science, general) printed encyclopedia.
      You often had to find the right "search terms" there, too, and a search took you more than a few seconds, so it was well worth thinking it through first.
      I remember that not everyone had the skills to use an encyclopedia for finding answers either (of course using it like a dictionary to look up words you know is easy, though it did reveal people struggling with the alphabet - which admittedly included me for quite a while).

    7. Re:Who clicks ads? by Anonymous Coward · · Score: 1

      It's not culture. Their perception just doesn't work (that way).
      If they type a letter and a modal dialog box pops up, they realize they can't type anymore, but they can have trouble finding/seeing the dialog box!
      It's this "take in the whole screen at once and find the critical points to look at" many can't handle.
      They can read the screen top to bottom, or they can look at special places like top right, but not this "complete list of everything on the screen in your brain".
      It's probably also why things moving is such a big problem. If they learned a spot by heart it's fine, but if it's somewhere else it becomes a needle in the haystack.
      And now that I just check what a mess Google made of the first page search results it's not wonder people get confused.
      Just look at it: wikipedia on the right, search bar and target.com content table on the left, then Twitter results, for some reason inside huge square boxes (wtf?!?), Facebook, pinterest, app store link and then images, and on the second page there is Twitter AGAIN.
      I mostly use DuckDuckGo because the "privacy" stuff Google needs you to accept pisses me off and I don't think the results themselves are better, sometimes worse, but at least they didn't make such an UNHOLY MESS of their search results page.
      I think it's time to move on from Google for search, they obviously fell victim to a deadly case of featuritis.

    8. Re:Who clicks ads? by Ol+Olsoc · · Score: 1

      I mostly use DuckDuckGo because the "privacy" stuff Google needs you to accept pisses me off and I don't think the results themselves are better, sometimes worse, but at least they didn't make such an UNHOLY MESS of their search results page.

      This! Google's searches had become me needing to manually subsearch what they provided, and at least half the time I needed to go to the second page.A lot of their top results are hosted out, os they don't work for me anyhow. The lack of tracking is a bonus, although I take care of that via other ways as well.

      DDG isn't perfect, but at least it's a lot more useable.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    9. Re:Who clicks ads? by roc97007 · · Score: 1

      I think that if people are prone to thinking anthromorphically, they should be told that The Internet Is Not Your Friend. It's really not. It's more like one of Lovecraft's Great Old Ones. Immensely powerful, but utterly alien, and just as likely to destroy you as to help you. Asking trivially worded questions and accepting the first answer (or, anything on the first page, usually) is almost always the wrong thing to do, and courts disaster. To have any chance of success requires some knowledge of how to phrase a request, and how to recognize which answers are gibberish, a trap, or truly helpful.

      Like you, I've been doing this for so long that I don't even think about using double quotes and ordering to narrow down results, and to be very skeptical of the answers. It surprises me occasionally that others don't know how to do this.

      --
      Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  4. Not Very Surprising by Anonymous Coward · · Score: 1

    "used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link [...] Surprisingly, this got past Google's ad quality control service"
    How is it surprising that a feature used as intended got past QC?

  5. "Please disable adblocker, our ads are trustworthy by Anonymous Coward · · Score: 1

    Lol.

    Anyway, killing google's ads is easy. Killing the gratuitous anti-Trump propaganda mixed in with basically every google search (including a search for "Target"), not so much. I'd even settle for being able to turn off the "Top Stories" section that appears over most searches, which they seem to have coded in a filter-proof way (or I'm just a noob with custom filters). Someday I'll whip up a greasemonkey script to get rid of it, if nothing else.

  6. Most All Ads Hide The Destination Site by Anonymous Coward · · Score: 1

    Most all ads are as bad as link shorteners in that the final destination is hidden. On a related note, many links on the web these days are hidden / spoofed via javascript. It's beyond time for ad networks to assume some liability for hosting / distributing malware ads. One simply can't trust clicking on any ad. I emphasize this to others whenever the topic of computer security comes up. An ad blocker is increasingly a necessity.

    1. Re:Most All Ads Hide The Destination Site by RotateLeftByte · · Score: 1

      Just don't click on ads or shortened URL's. Doh!

      One bad short URL could land you in jail and on the sex offenders register for life (kiddie pron). Don't take chances.

      --
      I'd rather be riding my '63 Triumph T120.
    2. Re:Most All Ads Hide The Destination Site by KiloByte · · Score: 2

      How is that different from any other 302/303?

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  7. Quick..... by Anonymous Coward · · Score: 2, Insightful

    People are fucking idiots - but lets blame someone else

  8. hosts by TheRealMindChild · · Score: 3, Insightful

    0.0.0.0 googleadservices.com

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  9. Re: first poist by FatdogHaiku · · Score: 3, Funny

    Hey, buddy. You forgot to renew your domain name. Careful or someone might nab it from ya!

    An excellent opportunity for a goat dealer on Christmas Island!

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  10. Ran into this today... by __aaclcg7560 · · Score: 1

    When I got the pop-up message this morning, I thought it was from a French website that some asshat posted my picture. Must have came from somewhere else. The French website respected my DMCA takedown notice and took down my picture this afternoon.

  11. Not surprising at all. by Reaperducer · · Score: 2

    "Surprisingly, this got past Google's ad quality control service"

    Actually, it's not surprising if you've ever had to deal with Google's ad quality control service. It's worse than Dell support in the 90's.

    --
    -- I'm old enough to have lived through six different meanings of the word "hacker."
  12. There are ADs on a web browser? by bigdady92 · · Score: 2

    Since when? Oh people still browse without an AdBlocker. Silly people.

    --
    Wheel of Time: Book by Book and Sumview (summary review) Bigdady92 style: http://bigdady92.blogspot.com/
  13. "be as evil as possible" by Anonymous Coward · · Score: 1

    Google use to have "don't be evil" as the code of conduct. Now the new code perhaps should be "be as evil as possible". They are doing all evil things in order to chase the ad money. Look at how they structured youtube playback, you can see how bad they are. Somebody also pointed out the timing they announced the TPU 2 hardware, isn't it too close to the coming out party of NVIDIA's Volta?

  14. best place to report scams? by swell · · Score: 1

    from TFS: "posted his observations to a StackExchange thread..."

    What is the best place to report such scams? I don't want to have to create an account or fill out a stupid web form. I want an email address (that allows attaching screen shots, etc) for someone, some organization, some agency who can expedite a solution for the general public. Thanks.

    --
    ...omphaloskepsis often...
    1. Re:best place to report scams? by Anonymous Coward · · Score: 1

      If the problem is in Sweden, try the government consumer agency's Swedish web form or one of 15 other languages. For other EU and EES countries, try the tax funded NGO European Consumer Organisation.
      If you're a Yank, shut up and try not to be locked up as a traitorous commie, I guess.

  15. Mozilla to the rescue? by mrsam · · Score: 4, Interesting

    If the folks at Mozilla are listening, this is a golden opportunity to score some brownie points.

    It should be possible for a browser to detect when a click on an anchor tag gets intercepted by a javascript onclick that goes to a completely different URL, and for the browser to throw a big fat warning instead.

    Of course, nobody would expect for Chrome to do anything like this, since Google depends on this hostile and abusive practice for generating ad click revenue. But I would think that this would be a value tool for blocking potential exploits, and a thumb in the eye of Google.

    1. Re:Mozilla to the rescue? by KiloByte · · Score: 1

      Nope, features that would actually benefit the user get auto-WONTFIXed. And it's not a new thing.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:Mozilla to the rescue? by drinkypoo · · Score: 1

      Nope, features that would actually benefit the user get auto-WONTFIXed. And it's not a new thing.

      And that's the best example you could come up with? Just like the notes say, a user script can handle this efficiently for the minuscule percentage of users that need it. This is also true for the problem we're discussing now. Meanwhile, it's absolutely normal for webpages to intercept clicks to hrefs with a script. That's a common way, for example, to provide fallback functionality for users without javascript. The idea that you should bring up a warning every time it happens is patent nonsense.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Mozilla to the rescue? by drinkypoo · · Score: 1

      Not "every time", but when the click "goes to a completely different URL".

      You mean like when a script is delivered from a CDN?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:Mozilla to the rescue? by sootman · · Score: 1

      > It should be possible for a browser to detect when a click on an anchor tag
      > gets intercepted by a javascript onclick that goes to a completely different
      > URL, and for the browser to throw a big fat warning instead.

      It should be possible that a status bar would show you EXACTLY what you're about to click on (bonus: it should not be over-writeable by JavaScript) but OOPS TOO LATE FUCK YOU THAT SHIP HAS SAILED STATUS BARS ARE UGLY SO WE GOT RID OF THEM LOLOMGWTFQQB!!!!!111
      - Signed,
      All major browser makers

      --
      Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
    5. Re:Mozilla to the rescue? by tlhIngan · · Score: 1

      It should be possible for a browser to detect when a click on an anchor tag gets intercepted by a javascript onclick that goes to a completely different URL, and for the browser to throw a big fat warning instead.

      I believe NoScript's anti-clickjacking does it - it pops up a dialog saying your click would go somewhere else and you can see it with and without the clickjacking.

      The real question is - how in the world did someone install the onclick handler? If you're searching Google, all the data comes from Google so ...

  16. Worse than worthless by AndyKron · · Score: 1

    A search engine is worse than worthless if it allows this to happen.

    1. Re:Worse than worthless by Anonymous Coward · · Score: 1

      google is an advertising company.

      an advertising company is worse than worthless if it allows this to happen.

      and... this is entirely their fault.

      a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link

      what? they are actively supporting and encouraging the use of misleading advertisements and links.

      if you can't trust the largest online advertising company to keep you safe from malicious advertisements and links......

      just one more reason why adblockers are an essential security tool when online.

    2. Re:Worse than worthless by David_Hart · · Score: 1

      A search engine is worse than worthless if it allows this to happen.

      Well, that's how they started out, as a search company. They started accepting money to fudge the results to push those who pay to the top and created side ads. But Ad dollars are like crack, they got addictive. Now they post the ads on the op of the search instead of the results.

      By the way, they got rid of the "don't be evil" motto when they became Alphabet. Now it's "Do the Right thing". Which, if you think about it, is much more ambiguous because the right thing for shareholders isn't always compatible with the right thing for users.

      This is an example where the right thing for shareholders, charging lots of money for prominent ads that show up before every search, leads to the wrong thing for users, a first page with practically no good search results and one where Ad hijacking is easy....

  17. Google is an advertising company first by Anonymous Coward · · Score: 1, Insightful

    The faster the google/android fans recognize this, the better.

  18. Re:"Please disable adblocker, our ads are trustwor by jafiwam · · Score: 2

    Lol.

    Anyway, killing google's ads is easy. Killing the gratuitous anti-Trump propaganda mixed in with basically every google search (including a search for "Target"), not so much. I'd even settle for being able to turn off the "Top Stories" section that appears over most searches, which they seem to have coded in a filter-proof way (or I'm just a noob with custom filters). Someday I'll whip up a greasemonkey script to get rid of it, if nothing else.

    Just switch to Bing, DuckDuckGo, or one of the others.

    Google will straighten up or get replaced.

    Sitting around wishing they will get better on their own is a fool's errand.

  19. Oh shit! by wardrich86 · · Score: 1

    This is really interesting - I actually saw somebody search for American Express on Bing and end up on a different bogus website. I had no idea how they managed to pull it off, but now I think I have some idea of what happened...

  20. Not just Target by sabbede · · Score: 1

    Weeks ago I googled "walmart", and the top result was a support scam. I reported this to google, using the term "dumbass".

  21. Re:Not the top search result by sabbede · · Score: 1
    For one, these results (happened with walmart and amazon as well) appear to be ads from the companies themselves. As for blockers, I use AdBlock and still ended up seeing and clicking a fake Walmart link.

    I was very annoyed by this and reported it to google in less than polite terms.

  22. Google enables the scamming of the elderly by urbanriot · · Score: 1

    I don't know why Google isn't called on this by more people as it seems like it's common knowledge by techies that Google's first hits on a Google search are scam sites attempting to trick you into calling them rather than HP, D-Link, Microsoft, etc.. While the savvy folks on this site would subconsciously skip past these links, seniors are regularly calling these numbers to invite malicious scammers into their computers who then proceed to charge them recurring fees to maintain their computer.

    A friend of mine works for a local in-home computer service company and relayed a story of a woman that was paying around $3,000 a year for 'maintenance' from a scammer that started with her calling "D-Link" (I use quotes because it's a Google result not the real D-Link) because her internet provider, Cogeco, advised her to do this due to some UPNP vulnerability. She called them a few years back and was fleeced for years.

    Using Google right now, which geolocates me to Google Canada, if I Google search for "HP Phone number" the first hit is Google customer "HP Phone Number - Call (Toll Free) Phone Number - printerhelpdesk.usâZ". That's not Hewlett Packard. âZ

  23. Why does this even exist? by Solandri · · Score: 1

    used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link

    What possible reason does this "feature" have for even existing? The whole purpose of displaying a URL when you hover over a link is to tell the user where the link will take them. There's no legitimate reason to ever override that behavior.

  24. Soviet by hattable · · Score: 1

    I came here for a 'in Soviet Google, target is YOU!'...left dissapointed.

    --
    OMG facts!