Google Has Trouble Detecting Fake Tech-Support Ads

Ionut Ilascu

Fraudulent tech-support services that buy online advertising space have grown in sophistication to a level that Google cannot distinguish them from legitimate providers.

Operators of tech-support scams often operate just like a legitimate business to avoid detection and to ensure their success for a longer time. Sometimes even employees are unaware of the illegal activity.

Over the past few years, began to promote their activity through search ads, claiming to be an authorized service center for products from popular companies such as Apple, Microsoft or Dell.

Playing on the user’s trust in the results and ads provided by Google, most of the times the scammers just have to wait for the victim to call.

The tactic is powerful because the potential victims are the ones placing the call, so they have already shown some trust in the service.

“For many years, we’ve consulted and worked with law enforcement and government agencies to address abuse in this area. As the fraudulent activity takes place off our platform, it’s increasingly difficult to separate the bad actors from the legitimate providers,” Google director of global product policy, David Graff wrote.

To curb this type of malicious activity, the advertising company’s new policy is to allow ads only from verified third-party support providers.

A verification program is set to run at a global level in the following months to make sure that only legitimate providers can advertise on Google’s platform.

Fraudsters getting professional at it

Tech-support scammers have become more proficient at what they do. Apart from creating websites that instill trust, they also try to obtain as much information as possible about the victim or their machine, to help them make the deceit more difficult to spot.

Symantec published at the beginning of August a report on how fraudulent tech-support activity has started to integrate call optimization, a service that allows them to dynamically insert phone numbers in web pages.

One benefit to the scammer is that they can show the victim a phone number that points to someone speaking their language.

Any extra information helps with the social engineering, as it makes it easier to remove suspicions about any seemingly out of place instructions and demands.

For instance, multiple Dell customers were contacted by tech-support scammers that knew sufficient details about them and their computer to make the call appear legitimate.

One Dell customer had their laptop encrypted and held for ransom after the scammer correctly provided information that should have been available only to a legitimate service employee (machine service record, serial number, and warranty information).

Graff says that while Google’s verification program aims to separate the bad actors, it is not a guarantee that scammers will disappear; however, it will make their endeavors a lot more difficult.

This decision is likely to have the scammers return to cold-calling their victims, which can yield very unexpected results: