Address bar shows HP.com site. Browser displays scammers’ malicious text anyway

Started by rcjordan, June 20, 2025, 12:22:06 AM


rcjordan


littleman

It's been a while since I've seen display URL spoofing via IDN homograph attacks or JavaScript manipulation. I guess this is the next stage.

ergophobe

Interesting. The basic problem here is that Google lets anyone buy an ad that links to any site, right? The domain has to match the final destination, but anyone can send traffic to MS if they want to.

I like this little "fix" for the problem:

"A more comprehensive preventative step is to never click on links in Google ads, and instead, when possible, to click on links in organic results."

If widely adopted, that could fix a lot of things other than this one exploit :)

rcjordan


ergophobe

Yes. If you see a company you don't like, you click on them. If you see a company you like, you scroll to organic.