Fake eBay advertising in Google Search Results

Over the last week, a fake ad began to appear in Google search results, disguised as a legitimate eBay campaign. If a user followed this ad, they tried to mislead him using a fraudulent scheme with technical support.

In this particular campaign, fraudsters used the cloaking method, usually this technique helps to bypass the Google, Bing and other search engines checks.

A researcher who discovered fake ads immediately reported a Google problem. However, it didn’t wait for action – the fraudulent ad continued to surface in the search results of the Internet giant.

After analyzing this malicious campaign, the researcher concluded that fake eBay ads were not shown to all users, and only at certain times of the day. The specialist noted that the ad “preferred” US IP addresses, appearing on the second and fourth search pages.

At the bottom of the ad was a link that supposedly should lead to www.ebay.com. Below is an example of fake ads:

When clicking on this ad, the user got on a whole series of redirects, which eventually resulted in freefixes13.azurewebsites.net. This site is still functioning, you should not visit it.

On the malicious site, the user was shown that Microsoft detected a malicious program and blocked the computer. You can see the diagram below on the video below: