Phishing links and malware are a familiar threat to anyone who browses the internet.

Still, sophisticated attacks can catch even the most security-minded users off guard.

And nothing’s more sophisticated than impersonating Google on Google’s own platform.

Screenshots of the fraudulent Google Authenticator ad in Google Search.

Malwarebytes

As for how this happenedwell, it’s really quite simple.

Google accidentally sold ad space to hackers.

In this case, victims were searching for a Google product on a Google website.

They found an ad for the product and clicked it, because why wouldn’t they?

Thisisn’t the first timethat Google’s advertising platform has been utilized for malware distribution or phishing.