Given how lucrative online crime can be, it probably isn't surprising that internet scammers continue to develop clever new ways of finding new victims.

One of the latest: Google AdWords.

According to InternetNews, scammers are purchasing legitimate-looking AdWords campaigns and using them to redirect searchers who click on those ads to malicious websites. Some contain viruses and trojans that have been designed to avoid detection by anti-virus programs. Some of these malicious websites even employ 'scareware' to trick victims into believing that they're providing anti-virus software.

One might think that this type of abuse of AdWords would be easy for Google to thwart but that appears not to be the case.

According to Ryan Sherstobitoff of anti-virus vendor Panda Software, "If you do a Google search using the term free antivirus 2009, all the sponsored links point back towards scareware. Now, instead of stealing your banking information, these spammers infect your PC and make you pay for the fake anti-malware immediately."

Making matters worse, traffic management applications are used to help scammers avoid detection. When someone clicks on a scammer's AdWords ad, for instance, sometimes they'll be redirected to a legitimate website. Thus, even if Google receives a complaint, it might not immediately be able to confirm the complaint.

While the sophistication and ingenuity of online scammers isn't surprising, the threat from the abuse of paid search ads is disturbing. If abuse becomes too widespread, these ads could lose their effectiveness, especially amongst those who have a bad experience and in turn become more hesitant to click on a paid ad. Fighting this scourge should be a priority for Google (and any other search providers who provide paid ads).

Additionally, I think it highlights that vigilance SEMs need to have in monitoring their own campaigns. With scammers already copying whole websites and setting up phantom stores to steal from people, I can't help but think that a similar technique might eventually be employed with these AdWords scams.

It's a dangerous online world out there.

Patricio Robles

Published 23 January, 2009 by Patricio Robles

Patricio Robles is a tech reporter at Econsultancy. Follow him on Twitter.

2647 more posts from this author

You might be interested in

Comments (4)



As the article you link to points out, Google does not allow redirects on Adwords ads, so I wonder how these accounts are being allowed to run? Strange.

over 9 years ago


Marble Host


   It's good to see google has commented on the mistakes rather than simply to hush it up.

  That said" live free sex move " seem like sometihing rargeted at an uneducated person, who doesn't know abut torrent trackers ?

over 9 years ago



I had never heard about this, but basically I know full well that any time an ad has the chance to load, it can have the potential to be malicious and travel to your computer by way of your browser. The redirect virus is a fine example of this

over 7 years ago


Expert Reviews

I can't get my ad put through Adwords but these idiots can?

about 7 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.