Google keeps phishing ad after being reported

7 points by alexk74 2 years ago · 3 comments · 2 min read

Yesterday I almost installed a download from a phishing site if it hadn’t been for Chrome to block the download and mark it as suspicious.

I wanted to download PostgreSQL on my mac. I googled "install postgresql" and then click on the official PostgreSQL site. I was undecided about whether to install it via Homebrew or by downloading the app itself. I closed the tab and then I decided to download the PostgreSQL app. I quickly typed 'download postgres' and I clicked without looking on the first Google result. Again, I clicked download without looking, assuming it was the official site. Then Chrome warned me that the download was suspicious.

When I checked the website url, it was posfgresql.com instead of postgresql.com... I was in shock... I knew about phishing ads on Google, but I didn’t think it would happen to me.

I reported the ad to Google and the domain to Cloudflare (many phishing sites route through Cloudflare, likely because of the ease of setting up HTTPS).

Today, I received a response from Google stating:

Dear Alexandru,

We’re writing to let you know that we reviewed your report (ID 9-7817000036510).

Here's what we found

We decided not to take this ad down. We found that the ad doesn’t go against Google’s policies, which prohibit certain content and practices that we believe to be harmful to users and the overall online ecosystem.

I was in shock again. How is this possible to promote phishing ads and not even remove them after being reported? It is that hard to check the url redirect?

I checked the advertiser's page and all their ads are phishing urls...

Here's the advertiser's link:

https://adstransparency.google.com/advertiser/AR10215658740934246401