Phishing scams in Google Ads led searchers to fake crypto wallets

Jason, November 4, 2021

Those who are new to cryptocurrency may not fully understand how every aspect of virtual currency works. Many will go to Google and other search engines to search for things like “What is cryptocurrency?”, “How to buy Bitcoin” and “What is a crypto exchange?” Knowing that not everyone understands how it works, scammers have taken advantage of crypto newbies through a phishing scam in which those involved lost over $500,000, according to research by Check Point Research.

What happened? “Attacker buys Google Ads in response to searches for popular crypto wallets (that’s the software used to store cryptocurrency, NFTs, and the like),” said James Vincent for The Verge.

From there, crypto novices who search for related queries are served a Google Ads result that takes them to a phishing site instead of a legitimate URL. “Researchers from CPR spotted multiple phishing websites that looked like the original website because the scammers copied its design. For the domain “phantom.app”, the Phantom wallet’s official site, we encountered phishing variants like phanton.app or phantonn.app, or even different extensions like “.pw” and more,” wrote CPR researchers Dikla Barda, Roman Zaikin and Oded Vanunu.

After that, the searcher is either instructed to enter their credentials (which the scammers then steal and use to transfer funds to their own wallets) or given a recovery password that logs them into the scammer’s wallet, so any funds they add go into that wallet instead of their own.
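As an added illustration (not code from Check Point Research or Search Engine Land), the following sketch shows how a brand or ad-review team could flag landing URLs that imitate an official wallet domain, using the variants quoted above. The edit-distance threshold, the single-label TLD assumption and the sample URLs are assumptions made for this example.

```python
from urllib.parse import urlsplit

# Official site named in the article; extend with the domains you protect.
OFFICIAL_DOMAINS = ["phantom.app"]

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def registrable(host):
    """Split a host into (name, tld). Assumption: single-label TLD, no public-suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return (labels[-2], labels[-1]) if len(labels) >= 2 else (labels[0], "")

def classify(url, official=OFFICIAL_DOMAINS, max_dist=2):
    """Return a reason string if the URL's host imitates an official domain, else None."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    name, tld = registrable(host)
    if (name, tld) in {registrable(d) for d in official}:
        return None  # the real site or one of its subdomains
    for dom in official:
        dist = edit_distance(name, registrable(dom)[0])
        if dist == 0:
            return f"tld-swap of {dom}"  # same name, different extension
        if dist <= max_dist:
            return f"lookalike of {dom} (edit distance {dist})"
    return None

# Constructed sample of ad landing URLs, built from the variants quoted in the article.
SAMPLE_AD_URLS = [
    "https://phantom.app/download",
    "https://phanton.app/",
    "https://phantonn.app/wallet",
    "https://phantom.pw/",
    "https://example.com/",
]

def flag(urls):
    """Map each suspicious URL to the reason it was flagged."""
    return {u: r for u in urls if (r := classify(u))}

if __name__ == "__main__":
    for url, reason in flag(SAMPLE_AD_URLS).items():
        print(f"{url}: {reason}")
```

A threshold of 2 suits a seven-letter name like this one; shorter brand names need a tighter threshold to avoid flagging unrelated domains.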

Google’s cryptocurrency ad policies. In June, Google Ads updated its cryptocurrency ad policies to be stricter and to require certification, Search Engine Land reported. “Google has recently gone back and forth with policies around ads for crypto exchanges and wallets. In early 2018, Google originally banned crypto advertising, but rolled back that ban later in the same year.” The June 2021 policy update included the following measures and required compliance by August 2021:

Financial advertisers will need to check the following boxes to be able to advertise on Google Ads:

  • Be duly registered with
    • (a) FinCEN as a Money Services Business and with at least one state as a money transmitter; or 
    • (b) a federal or state-chartered bank entity. 
  • Comply with relevant legal requirements, including any local legal requirements, whether at a state or federal level.
  • Ensure their ads and landing pages comply with all Google Ads policies.

“Advertisers must also be certified with Google,” says the current Google documentation regarding crypto exchanges.

We’ve reached out to Google for comment, but had not received one by publish time. We will add the comment upon receiving it.

Why we care. Not only is this a huge loss for those who may not be crypto experts, but it also dilutes the legitimacy and work of those ad specialists who jumped through the hoops to follow Google Ads’ cryptocurrency policies. The phishing ads could also lead searchers to distrust ad results.

The post Phishing scams in Google Ads led searchers to fake crypto wallets appeared first on Search Engine Land.

About Jason Richardson
Jason specializes in digital marketing strategies and founded a digital marketing agency Richardson Digital Media™. Richardson Digital Media™ has quickly become a preferred marketing provider for real estate companies and nationwide mortgage lenders. Jason has won 9 President’s Circle of Excellence Awards for loan production over his career and was most recently honored as one of National Mortgage Professional Magazine’s “40 Under 40: The 40 Most Influential Mortgage Professionals.”