Quantcast

Google Responds To AdWords Scam Kerfuffle

Get the WebProNews Newsletter:
[ Search]

The practice of establishing AdWords accounts for the purpose of passing clicks through a third-party malware distributor has drawn a blame-the-user response from Google.

Google Responds To AdWords Scam Kerfuffle
Google Responds To AdWords Scam Kerfuffle

Google’s bread-and-butter paid search ads had a whiff of acrid spoilage to them after a nasty criminal attack using AdWords accounts became public knowledge.

Criminals used AdWords to direct web browsers through a third party website that attempted to infect the PC. The attack would take advantage of a flaw in Internet Explorer to drop a backdoor and a post-logger onto PCs; the malware specifically looked for credentials for 100 banking sites, according to Exploit Prevention Labs.

Google’s Inside AdWords blog has a new post available, with the company’s response to this egregious abuse of its product. They identified and shut down AdWords accounts linked to these attacks, and are continuing to monitor the situation.

“We actively work to detect and remove sites that serve malware in both our ad network and in our search results,” the post said. “We have manual and automated processes in place to detect and enforce these policies, and products such as Google Toolbar that actively seek out and alert users when they access malicious or suspicious sites.”

It doesn’t look like the processes worked. Exploit Prevention Labs began noticing the criminal AdWords placements on April 10, a full two weeks before Google deactivated the offending accounts. Those ads likely ran for a period of time before Exploit Prevention Labs picked up on them.

Google also gave the usual security advice to people about securing their systems with up to date virus protection, and changing complex passwords regularly. Good advice, but it’s also a deflection from the broader trust issue that people will have with paid search ads now.

Searchers were making very innocuous queries on Google that turned up these malevolent AdWords ads. These were searches that turned up phony ads for the Better Business Bureau and Cars.com, neither of which tend to be associated with the less than prurient sites (as in adult) usually associated with drive-by infections.

The situation is also going to make people who have been hit with attacks like these, without having visited any unusual sites, to wonder if this is how their systems got nailed with a nasty Trojan. This isn’t the first time criminals have tried to abuse AdWords, judging by Google’s stated practice of looking for this behavior.

It’s going to take more than a blog post to engender ongoing trust in paid search ads. Good luck with that.

Google Responds To AdWords Scam Kerfuffle
Top Rated White Papers and Resources
  • Jason Lee Miller

    We talked about this, Dave. It’s spelled curfuffle.

    :-)

    You don’t listen, do you?

    • David A. Utter

      The people have demanded the kerfuffle spelling with the ‘ke’. Only pinky raising tea drinkers spell it with a c-u.

      Enjoy your beverage ;-)

      • Marysue

        A little trivia in amongst the angst of trying to get a free press is good for the soul! But what people have demanded kerfuffle with a ‘ke’ beginning, ILO curfuffle? Americans? Americans never did know how to spell–or make tea, considering the Boston Tea Party;). Tea is made with BOILING water on top of loose leaf tea–not Lipton’s bagged dust; served with milk/cream and suger–not honey. Best tea is Murchie’s #10 Blend (Vancouver or Victoria, BC).
        ….signed, Tea Addict

        • David A. Utter

          kerfuffle results on Google: about 512,000

          curfuffle results on Google: about 3,110

          And no, we never bothered learning how to make tea. We learned how to make bourbon instead. And to drink it without raising a pinky.

  • http://www.youtubesecretsexposed.com YouTube Secrets

    I just recently bought into some Google adwords and what I find it to be is a big scam. my listins never showed up under the keyword I bid on and my account show’s NO CLICKS as in my click threw rate and I was charged for every penny i prepaid with.

    I will never use Google again due to this

    so if your planing on using Google adwords be careful and be shure you watch there every step.