• AutoTL;DRB
    link
    English
    31 year ago

    🤖 I’m a bot that provides automatic summaries for articles:

    Click here to see the summary

    Google has been caught hosting a malicious ad so convincing that there’s a decent chance it has managed to trick some of the more security-savvy users who encountered it.

    Combining the ad on Google with a website with an almost identical URL creates a near perfect storm of deception.

    “Users are first deceived via the Google ad that looks entirely legitimate and then again via a lookalike domain,” Jérôme Segura, head of threat intelligence at security provider Malwarebytes, wrote in a post Wednesday that revealed the scam.

    The ads were paid for by an outfit called Digital Eagle, which the transparency page says is an advertiser whose identity has been verified by Google.

    When in doubt, people can open a new browser tab and manually type the URL, but that’s not always feasible when they’re long.

    Another option is to inspect the TLS certificate to make sure it belongs to the site displayed in the address bar.


    Saved 63% of original text.