Scammers successfully post fake Amazon ad on Google, again

On Thursday, the top Google search result for "Amazon" was a scam tech support website, marking the second time this issue has come up.

Suspect spam? 3 steps to keep it out of your inbox Repeatedly receiving spam emails gets annoying. Learn how to stop it from the source with these simple tips.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • On Thursday, the top Google search result for "Amazon" was a scam tech support website.
  • Google has displayed fake tech support sites for Amazon at least twice in the past two years.

Once again, scammers were able to post a fake Amazon ad in Google search results, as reported by our sister site ZDNet.

On Thursday, for several hours, the top Google search result for "Amazon" led to a scam website, ZDNet reported. The scam link appeared before even the legitimate search result.

If a victim clicked on the link, they were sent to a page that tried to trick them into believing their computer had been infected with malware, and prompted them to call a number and likely send money for "IT support." The page presents itself as an official Apple or Windows support page, depending on your computer, according to ZDNet.

SEE: Intrusion detection policy (Tech Pro Research)

ZDNet analyzed the scam website's code, and found that anyone who tried to close out of the popup box would likely see the browser expand to full screen, making it look like the computer had been infected with ransomware.

Google has allowed a spoofed Amazon ad to get posted at least twice in the past two years, ZDNet reported. And Amazon has not been the only target: Last year, a fake Facebook customer service number appeared as the top Google result for Facebook support. Google's Gmail has also had trouble filtering spam from a address.

While it's difficult to say how many victims fell for the scam, Amazon is the top search result for retail companies on Google, with millions of searches daily, ZDNet noted.

In 2017 alone, Google took down 3.2 billion ads that violated its advertising policies, as reported by our sister site CNET. Since spam ads can clearly still make it through, businesses should train their employees to recognize fake support scams in order to keep information systems safe.

Also see

Image: ZDNet

By Alison DeNisco Rayome

Alison DeNisco Rayome is a Senior Editor for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.