The Problem with adverts on Google search results
I’m someone who uses Google Adsense on a website I own, the adverts cover the server and software costs of running the website, leaving me a bit of extra cash for myself, which i usually spend on things to create more content / reviews for the website i have. With that in mind i generally don’t mind seeing the odd advert here and there, as long as the website is not covered with them.
However on to what this blog post is about… What i do think is really concerning is that if you Google some free software, for example Adobe Reader, the advert above the first result always appears to be an advert for a malicious download of that application. When installed this malicious download will install loads of ad-ware, spyware and other malicious software you really don’t want on your computer.
Below is a screenshot of the search results on Google UK when “adobe reader” has been searched for. If you look at the URL for that advert below its clearly not an official link from Adobe. However companies appear to be using Google Adwords to trick people in to downloading their malicious software.
An example of a fake Adobe Reader advert
I imagine its pretty well known people generally click the advert at the top of search results, and not the first organic search result. With that in mind i wonder how many people think they are downloadinga legitimate version of Adobe Reader and end up infecting their computer with spyware, keyloggers or ad aware? PDF’s are pretty much the standard way of sending a document to someone, for example an Invoice, so this appears a very easy way to get malicious software on to someone’s computer.
It works too as i’ve seen it happen, which is the whole reason im making this blog post. Maybe this is not anything new, however as i usually block adverts in search results, so its certainly something i don’t see every day.
Someone I know had got a new laptop, I was setting it up with a few programs for them. Anyway I left the new laptop updating (foolishly with this person), about half an hour later this person came and said “I thought i installed adobe reader, now my laptop is full of tool bars and security scanning programs”. So i went and had a look, then asked the person to show me how Adobe Reader was obtained.
Basically the person went on Google, searched for “Adobe Reader“, clicked the first result and downloaded it.
Sure enough, this is what clicking the first paid result on Google for Adobe Reader take you to:
A website offering a download of Adobe Reader, which is actually a lot of fake security scanning programs.
To be fair to the person in question. how is your average person who is not very tech savvy supposed to know the first download result on Google is malicious? The above website has the Adobe Reader logo the person had seen before, screenshots of how the application looked, along with a good enough description.
Did this person just get unlucky?
You might think this person just got unlucky, well that screen shot was taken in October 2013, its now February 2014 and if you Google “Adobe Reader” the first paid for result still takes you to the exact same website in the screenshot above. I don’t want to link to any malicious websites like that, however do a search and see for your self.
The same also happens if you search for “Skype download” on Google, this time you are shown three adverts, all linking to supposed downloads of Skype which are actually malicious. Again the screenshot below was taken in October 2013, the exact same results are still displayed in February 2014:
A screenshot showing adverts for malicious Skype downloads on Google
So what about when we search for some Google Software, such as the popular web browser Google Chrome? well the first paid result on Google for that is also a link to a malicious download too…
A screenshot showing a malicious download of Google Chrome
With the Google Chrome link if you scroll right to the bottom of the quite large fake webpage about it, the site is honest and states:
“Modified Installer (website name removed) is distributing custom installers which are different from the originally available distribution. These new installers comply with the original software manufacturers’ policies and terms & conditions, however, they are not the originals. Our proprietay download manager will manage the installation of your chosen software. In addition to managing your download and installation, our proprietay download manager will offer free popular software that you may be interested in. You are not required to install any additional software to complete your installation of your selected software. You can always completely remove the programs at any time in Windows’ Add/Remove Programs.”
I would however be amazed if anyone is going to read the entire page and see that however. I still dont personally see how adverts like this are been approved by Google. I know from past experiences of running Google Ad-Word campaigns i’ve had to wait a few hours for my adverts to be approved. With that in mind i would think at least some sort of verification is going on after an advert has been created on Google Adwords.
Without taking a million and one screenshots you will also find the same sort of thing going on if you search for other popular free software such as “Winamp”, “Google Earth Download” and various other free applications.
So is this a good enough reason to justify blocking adverts? well to be honest your average computer user is probably safer on the internet with an ad blocker enabled, however as mobile devices and tablets are becoming more popular these malicious websites targeting Windows based PC’s are not going to have any effect.
Regardless I think if your not a very tech savvy user you probably are safer blocking adverts in my opinion, however if you use a certain website a lot i do believe you should white list that website and see the adverts on it. If everyone on the internet blocked adverts a lot of popular website probably would not be able to afford to stay on-line. I guess its one of those catch 22 situations where something is been abused for malicious purposes.