News

Fake eBay advertising in Google Search Results

Over the last week, a fake ad began to appear in Google search results, disguised as a legitimate eBay campaign. If a user followed this ad, they tried to mislead him using a fraudulent scheme with technical support.

In this particular campaign, fraudsters used the cloaking method, usually this technique helps to bypass the Google, Bing and other search engines checks.

A researcher who discovered fake ads immediately reported a Google problem. However, it didn’t wait for action – the fraudulent ad continued to surface in the search results of the Internet giant.

After analyzing this malicious campaign, the researcher concluded that fake eBay ads were not shown to all users, and only at certain times of the day. The specialist noted that the ad “preferred” US IP addresses, appearing on the second and fourth search pages.

At the bottom of the ad was a link that supposedly should lead to www.ebay.com. Below is an example of fake ads:

When clicking on this ad, the user got on a whole series of redirects, which eventually resulted in freefixes13.azurewebsites.net. This site is still functioning, you should not visit it.

On the malicious site, the user was shown that Microsoft detected a malicious program and blocked the computer. You can see the diagram below on the video below:

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Pbmsoultions pop-up ads (Virus Removal Guide)

Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Prizestash pop-up ads (Virus Removal Guide)

Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Verifiedbreaking pop-up ads (Virus Removal Guide)

Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Themoneyminutes pop-up ads (Virus Removal Guide)

Themoneyminutes.com is a domain that tries to force you into subscribing to its browser notifications…

1 day ago

Remove News-xcidizi pop-up ads (Virus Removal Guide)

News-xcidizi.com is a domain that tries to trick you into clik to its browser notifications…

2 days ago

Remove Everytraffic-flow pop-up ads (Virus Removal Guide)

Everytraffic-flow.com is a domain that tries to trick you into subscribing to its browser notifications…

2 days ago