Google Briefly Hosts Fake Amazon Result For Second Time

Not too long ago, internet search giant Google was duped into hosting a fake search result for online shopping giant Amazon that actually led to malicious content, and now it's happened again. This time around, the malicious ad was taken out on Google and looked to lead to the front page of Amazon, using a proxy script on their end to fool Google's automated ad verification services. Google was notified about the ad fairly quickly by a prudent search user, and managed to track down the fake ad listing and take it down. It was up for a few short hours on Thursday, but due to its trustworthy nature and the popular subject matter it aped, it could possibly have led millions astray during its time on the web.

The actual malicious page that the link led to was hosted on GoDaddy, and the hosting service quickly took the page down after learning about it. The ad mimics a system error message, using information from your browser and OS to look somewhat convincing, and can kick the browser into full screen mode and mimic ransomware if you try to dismiss it. It's a social engineering bid that hopes to see gullible users scammed into calling a listed phone number and paying for a service that will solve the computer issue that the popup claims the victim's computer has.

As mentioned above, this is not the first time that something like this has happened, or even the first time that people trying to use Google to reach Amazon were specifically targeted. Unfortunately, the logic behind this tactic is pretty plain, which means that similar attacks will likely happen in the future, if attackers can find more creative ways around Google's security measures. The target crowd for this attack is using Google to get to Amazon, which means that they're likely either proceeding from within a browser that has Google set as the home page, or are simply typing "Amazon" into their address bar. In either case, this navigation tactic is inefficient compared to typing "amazon.com" directly into the address bar of any given browser, and is, anecdotally, usually employed by people who are less than proficient when it comes to computers and technology, making them potentially easy prey for scareware and other types of social engineering attacks.

Copyright ©2019 Android Headlines. All Rights Reserved
This post may contain affiliate links. See our privacy policy for more information.
You May Like These
More Like This:
About the Author
2018/10/Daniel-Fuller-2018.jpg

Daniel Fuller

Senior Staff Writer
Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, voice assistants, AI technology development, and hot gaming news in the Android world. Contact him at [email protected]