Cybercriminals are Using Paid Ads to Get to Top Cloud Provider’s Customers

Is that Google search safe? Maybe not. You need to double check it before you click on anything.

Just because Google displayed a link for you does not mean it is safe. In the example below, bad guys actually paid Google to display their malware link at the top of search results. I’ve often pointed out that Google is in the business of placing ads regardless of the ad. The fact that this is a fake website that is designed to steal login information doesn’t matter.

This is a paid ad on Google (image from TrendMicro)

The link above looks fine, right? However, if you hover over the link, you will see that it really doesn’t go to AWS at all. It goes to a website designed to look and feel like AWS.

(image from TrendMicro)

In fairness, they likely didn’t even know this was happening. Their system is so automated that it’s highly unlikely that Google realized they were being used in this way. Google is #1 in search results because people use it. Too many links like this and people will stop using Google. They know that and it’s in their best interest to remove these ads.

To help stay safe, try these things when you are browsing the web:

  • If you log into sites on a regular basis, bookmark those sites. Don’t use a search engine to find the login page.
  • Always hover over a link before you click it. The destination will be displayed, usually in the lower part of the window.
  • Humans are not good at understanding exactly what will happen with a long URL. Links are easy to manipulate and hide things in. When in doubt, type the address (URL) directly into the browser. Usually going to a website homepage will allow easy access to login pages.
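
What decides where a link goes is the host the browser parses out of it, not the text shown in the ad. The sketch below is an added example, not from the original article or from TrendMicro: it pulls out that host and compares it with a list of sites you trust. The `example.test` links, the trusted-host list and the `inspectLink` function name are assumptions made for illustration.

```javascript
// Added example. All links below are constructed; example.test is a placeholder domain.
const TRUSTED_HOSTS = ["aws.amazon.com", "console.aws.amazon.com"]; // assumed bookmark list

// Report the host a link really goes to and why it might not be what it appears.
function inspectLink(displayText, href, trusted = TRUSTED_HOSTS) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return { host: null, trusted: false, findings: ["not a valid absolute URL"] };
  }
  const findings = [];
  const host = url.hostname.toLowerCase();
  if (url.protocol !== "https:") findings.push(`scheme is ${url.protocol}, not https:`);
  // Anything before "@" is login data, not the site; the host comes after it.
  if (url.username || url.password) findings.push("text before '@' is not the site name");
  const isTrusted = trusted.includes(host);
  if (!isTrusted) {
    // A trusted name appearing elsewhere in the link (subdomain, path, query) proves nothing.
    const named = trusted.find((t) => href.toLowerCase().includes(t));
    if (named) findings.push(`mentions ${named} but the real host is ${host}`);
  }
  // If the visible text is itself a domain, it should match the destination host.
  const shown = displayText.trim().toLowerCase().replace(/^https?:\/\//, "").split("/")[0];
  if (/^[a-z0-9.-]+\.[a-z]{2,}$/.test(shown) && shown !== host) {
    findings.push(`displays ${shown} but goes to ${host}`);
  }
  return { host, trusted: isTrusted && findings.length === 0, findings };
}

const samples = [
  ["aws.amazon.com", "https://aws.amazon.com/console/"],
  ["aws.amazon.com", "https://aws-signin.example.test/aws.amazon.com/login"],
  ["Sign in", "https://aws.amazon.com@login.example.test/"],
];
for (const [text, href] of samples) {
  const r = inspectLink(text, href);
  console.log(r.trusted ? "OK  " : "STOP", r.host, r.findings);
}
```

Only the first sample is reported as trusted; the other two name AWS somewhere in the link but resolve to a different host.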

This article is derived from great stories and work on TrendMicro.com

Paul Bergman