Search for Chrome on Bing, and you might get a nasty surprise
.jpg)
It’s 2018, and you can still end up with your computer compromised by searching for the world’s most popular browser.
That fact was brought home once again by Twitter user Gabriel Landau who, immediately upon firing up his brand new Windows 10 laptop and trying to download Google Chrome, was directed instead by Bing (the default search engine used by Windows 10’s default Microsoft Edge browser) to a bogus website.
Landau discovered that Bing was displaying a promoted search result to users who searched for the phrase “download Chrome” that linked to a non-official site (googleonline2018[dot]com).
If he hadn’t had his wits about him, Landau might easily have fallen for the scam and downloaded malicious code from the unauthorised site.
That’s all the more likely because – in the Bing promoted search engine result – the domain was listed as google.com, but actually took anyone who clicked to the dangerous link at the different domain instead.
Microsoft responded to Landau, saying that it has removed the offending Bing ads and banned the associated account. It has also pointed to a webpage where “low quality” ads (such as malvertising) can be reported by users.
That doesn’t, of course, explain how the ad in the Bing search results was able to claim it would take users to the genuine google.com domain.
But worse still, it doesn’t explain why the problem didn’t get fixed six months ago, when Bleeping Computer reported the same trick being used!
Back in April, Lawrence Abrams of Bleeping Computer described how using Bing to search for ‘chrome download’ resulted in an ad being displayed which appeared to direct users to the official Chrome download page at the google.com domain but actually took them to googlechrome2018[dot]net.
On that occasion, Microsoft responded within 24 hours by removing the ad.
But the problem is – this keeps happening. Microsoft removing dodgy ads from its Bing search results is all very well, but it isn’t stopping them from appearing.
Microsoft needs to more to prevent these misleading and malicious ads from appearing in search results in the first place.
All we can hope is that Microsoft Bing will now take the problem more seriously – and do a better job of policing its Bing search results ads in future. That, of course, should include verifying that the URLs displayed in the results match where users will actually be taken.
Landau has asked Microsoft’s Bing team what steps it is taking to prevent ads being listed with misleading URLs, but so far has received no response.
And as for googleonline2018[dot]com? Thankfully, most browsers are now blocking access to the URL and warning visitors of the danger.
But, of course, there’s nothing to stop scammers, confidence tricksters, and other online criminals from creating other domains that they might try to dupe users into visiting.
Source hotforsecurity
Industry: Cyber Security News
Latest Jobs
-
- Microsoft Security Operations Analyst | Bracknell | SC Clearable | SC-200
- Reading
- N/A
-
Senior SOC Analyst Level 2 / 3. Microsoft Security stack | SC Clearable Location: Hybrid remote | Berkshire SC-200 Senior SOC Analyst Level 2 / 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting / triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents / escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) - existing clearance ideal. (Sorry no visa applications) Must have current experience working with a SOC environment Key experience must also include, but not be limited to Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL).
-
- Service Architect- DACH regions
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Service Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the Service/ solutioning effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company area a global managed services business working with enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead Service/ solution design from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. You’ll Need: Experience working as a Service architect, Service Manager or Customer Success Manager R Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical grasp: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Deal Architect- DACH region
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Deal Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the solutioning/ Service effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company is a global managed services business providing solutions to enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead the deal from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. Be responsible for the service Wrap and ensuring the Service meets clients requirements You’ll Need: A back ground with IT Services Experience in a similar type of role, for example: Deal, Service, or Solution Architect in ICT outsourcing. Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical knowledge: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Pre Sales Lead- IT Services
- Germany
- Upto €100,000 plus benefits
-
As the Pre-Sales Lead (Sales Engineer/ Solution Architect) you will drive large-scale ICT managed services and outsourcing deals (from €0.5M to €20M+). You'll work directly with Business Development and clients to design high-impact solutions across Cloud (Azure, IaaS, SaaS, PaaS), EUC, Unified Comms, Security (SIEM, PAM), Networks, and Smart Workplaces. What You’ll Do: Lead the end-to-end pre-sales cycle — from RFI/RFP to contract. Design innovative, client-specific solutions with technical & commercial impact. Present at CxO level and steer proposal strategies & financial models. Collaborate closely with Portfolio, Service Desk, Field, and Digital Workplace teams. Support deal shaping with strong knowledge of ITIL, SIAM, Automation, and cost analysis. What You’ll Bring: Have strong experience in pre-sales or solution architecture. Experience with €M+ managed service deals. Deep technical expertise in modern ICT stack and enterprise IT services. Strong German (C1) and English communication skills. Certifications: ITIL v3/v4 required; SIAM, ISO20000 desirable.