An undistinguishable fake site will be displayed at the top of Google search, all sites containing 'i' in the URL will be unreliable A villainous method
Google determines the display order of search results according to its own rules, but if you purchase Google's advertising space, you can display any website at the top of the search results. A situation occurred in which a fake site impersonating the official site of the popular image processing software 'GIMP' was displayed at the top of the search results by exploiting this advertising space. Fake sites look exactly like their domains, making it difficult for even those familiar with the Internet to spot them.
Dangerous Google Ad Disguising Itself as www.gimp.org : GIMP
Dangerous Google Ad Disguising Itself as www.gimp.org Again, *But Worse* : GIMP
https://www.reddit.com/r/GIMP/comments/ygeehg/dangerous_google_ad_disguising_itself_as/
The GIMP fake site was discovered by Reddit user ZachIngram04. Below is a screenshot of the Google search results posted by ZachIngram04. As a result of searching for 'gimp' on Google, a site like the official site of GIMP is displayed in the part (advertising space) marked 'Ad' at the top of the search results. This 'GIMP official site-like site' is the fake site in question.
When you access the fake site, it looks like a
In the case of a genuine official website, you can access the download page like the one below by clicking the download button.
However, the fake site opens the Dropbox page.
The real GIMP installer has a file name such as 'gimp-2.10.32-setup-1.exe', but the name of the file distributed by Dropbox is 'Setup.exe'. Also, while the real file capacity distributed at the time of article creation is 252.99 MB, the file capacity of 'Setup.exe' is 10.55 MB, clearly different from the real file You can see that it is being distributed. .
If you check Google's search results again, the displayed URL looks like the same 'https://www.gimp.org/' as the real thing. If it is the same URL, you should be able to access the same site, but as mentioned above, clicking the link at the top will access the fake site. Regarding the reason why this phenomenon occurs, Reddit points out that ``The letter that looks like the alphabet ``i'' in the URL is actually the Cyrillic letter ``i''.''
In order to distinguish whether the site you are trying to access is a fake site or not, many people should take measures to 'check the URL carefully'. However, when using indistinguishable characters such as 'i' and 'і' like this time, it is difficult to distinguish fake sites only by checking the URL.
As mentioned above, the fake site moves to Dropbox when downloading files, so it feels strange, but Mr. ZachIngram04 also confirmed that the version of the fake site that does not move to Dropbox was displayed at the top of Google search results. doing. In this case, the only way to identify fake sites is to 'distinguish the difference between 'i' and 'i'' and 'noticing discomfort by looking at the file name and file size'. Even those who are well-informed are at great risk of being deceived.
In addition, even on the Japanese site, there was an incident that the fake site of 'Ekinetto' operated by JR East was displayed at the top of Google's search results . We tend to think that ``the website that appears at the top of the search results looks safe,'' but considering the case of Ekinet and this case, it's easy to lose faith in Google's search results.
On Reddit, there is an opinion that 'using ad blocking can reduce the risk of accessing fake sites like this one', but only some users use ad blocking on a daily basis. Above all, fake sites should not appear in search results in the first place. Google is required to build a system to reliably check the reliability of the site displayed in the search results.
Related Posts:
in Web Service, Security, Posted by log1o_hf