Scam search result ads: What to know and how to protect yourself
Web search results are full of ads: links that businesses pay Google to display for them whenever people search for specific keywords. It’s annoying, but it’s also a security risk, because bad guys are now using these ads maliciously.
If you think you’d never fall for a scam search result ad, think again. In February, it happened to journalist, author, and special advisor to Electronic Frontier Foundation Cory Doctorow—clearly no stranger to technology or online dangers. It can happen to anyone.
Read on to learn about the risks of scam search result ads and how to keep yourself safe.
Why do bad guys pay for search result ads?
If bad actors are willing to pay for ads to show up in your search results, they’re doing it because they think they can make even money from your click.
The exact nature of the risk varies, but here are some common dangers associated with scam search result ads:
- Scam ads that link to phishing websites that steal your personal or financial information.
- Ads that link to brand impersonation or counterfeit products websites—the goal here is to get you to pay a scammer instead of the legitimate business you were searching for.
- Search results leading to malware distribution sites that try to convince you to download malware on your device.
- Ads that push fleeceware: scammy software distributed in Google and Apple’s app stores that charges exorbitant monthly subscription fees or contains hidden fees.
How to protect yourself from scam search result ads
Malicious search result ads are a big problem—and one that Google and other ad platforms have not yet addressed sufficiently. The issue isn’t going away anytime soon, so follow these tips to keep yourself safe online:
Play “spot the ad.” Every time you search, remember to look for the ads that appear in your search results. These will be marked, either with the word “Ad” or with something like “sponsored result.” Skip over these, even if it seems to be what you were looking for. Find the non-sponsored link by scrolling down the page to the actual search results.
Use safer search engines. Google is the king of search, but they’re fundamentally an advertising company. Bad actors target Google ads because that’s where the bulk of the searches are—and because Google’s ads are hard to distinguish from real search results. Using Brave search or DuckDuckGo is a safer alternative.
Remember it’s not just about web searches. You should look for (and avoid) sponsored ads on other platforms as well. Amazon, for example, has a huge problem with counterfeit products showing up in its search results. Facebook ads are also a well-known source of scams and malicious activity.
Use safe payment methods. In general, when you’re buying anything online you should use a payment method that will allow you to dispute a charge or claim a refund if needed. Credit cards and services like Apple Pay are good options.
Be cautious about downloads. Malware is out there. Before you download an app from a website, check and double-check to be sure that you’re actually on a legitimate, trusted software developer’s site. For extra security, you can also verify your macOS downloads using checksums. In addition, you should always use a reliable anti-malware solution on your Mac.