Why spend hours crafting a phishing email when you can just pay Google to serve it for you?
In late 2023, scammers used Google Ads to promote fake bank support numbers, tricking customers into calling fraudsters who then drained their accounts. One campaign targeting Bank of America customers led to losses exceeding $1.2 million before takedown[ref].
Here’s how cybercriminals abuse Google Ads—legit-looking links with shady intentions:
🔎 Search Hijacking - Sponsored ads that spoof bank or email logins appear above the actual search results.
🌐 Lookalike Domains - Domains such as `emirateskrpost.top`, `dubaipoliza.live` or `ebay-saudiarabia.com` look close enough to the real thing to get clicked.
🛠️ Fake Tech Support - Ads promoting “Microsoft Help” or “Norton Cleaners” actually install spyware or ransomware.
📥 Malicious Downloads - Ads for wallet apps, tax tools, or video converters often serve malware.
👤 Brand Impersonation - Fraudsters mimic well-known names like Adobe, Amazon, or banks to build trust fast.
🎯 Keyword Targeting - They bid on exact-match keywords like “RAKBank login” or “MOFA attestation UAE”.
🌀 Affiliate & Redirect Abuse - Some mix in click fraud and shady commission farming too.
A fraudster’s dream: pay-per-click, zero human error, maximum ROI.
🚨 So, what can you do?
- Teach your loved ones - especially the elderly - that even paid Google results are not always what they seem to be
- Encourage direct access habits and use bookmarks instead of search (or type in the domain yourself)
- Use ad blockers or click with caution, especially for logins
- For companies - monitor your branded keywords, report impersonating ads, and train staff to always double-check URLs, even on paid results
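
For the brand-monitoring point, here is a small triage sketch (an added example, not part of the original post) that sorts ad landing hosts into official, lookalike or unrelated, using the lookalike domains quoted above. The `OFFICIAL` allowlist, the length and edit-distance thresholds, and the `.example` host are assumptions made for illustration.

```python
# Added example: triage ad landing hosts against a brand watchlist.
# OFFICIAL is an assumed allowlist; replace it with your own brands and domains.
OFFICIAL = {
    "ebay": {"ebay.com"},
    "emiratespost": {"emiratespost.ae"},
    "dubaipolice": {"dubaipolice.gov.ae"},
}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_official(host):
    """True only for an allowlisted domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d)
               for doms in OFFICIAL.values() for d in doms)

def tokens(host):
    """Hyphen-split pieces and hyphen-collapsed form of every label except the TLD."""
    out = set()
    for label in host.split(".")[:-1]:
        out.update(p for p in label.split("-") if p)
        out.add(label.replace("-", ""))
    return out

def classify(host):
    host = host.strip().lower().rstrip(".")
    if is_official(host):
        return ("official", None)
    for brand in OFFICIAL:
        for tok in tokens(host):
            if tok == brand:  # brand used as a whole token, e.g. ebay-<word>.com
                return ("lookalike", brand)
            # Fuzzy matching only for long brand strings, to limit false positives.
            if len(brand) >= 8 and (brand in tok or edit_distance(tok, brand) <= 2):
                return ("lookalike", brand)
    return ("unrelated", None)

if __name__ == "__main__":
    # First three hosts are quoted in the post; the rest are constructed samples.
    for h in ["emirateskrpost.top", "dubaipoliza.live", "ebay-saudiarabia.com",
              "ebay.com.login.example", "www.ebay.com", "example.org"]:
        print(h, classify(h))
```

Hosts flagged as lookalikes are candidates for an impersonation report; the short-brand rule (exact token only) is what keeps a four-letter name like `ebay` from matching unrelated words.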