Fake Avira AV: Is Google at fault?

I noticed something odd last night while searching for Avira's website. The first search hit from Google UK shows a phishing/scam site, "Copyright AVIRA Downloads ? 2008"

It appears in the sponsored links at the top of the page and also down the sides in several instances. The only thing that warned me to the problem was WOT. I dread to think how many newbs without WOT are visiting this site and falling for it.





I wonder if Google even bothers checking out these links they're advertising on their own pages, or maybe this is just some hi-jacking they're unaware of. This advert has been there for over 12 hours already and they haven't removed it.

I noticed the fake secure login page is connecting to Plimus.com. They have red WOT warnings, Mcafee SiteAdvisor rates plimus as safe, even though their SiteAdvisor page for Plimus.com is full of warnings people about Plimus being a phising scam enabler. Does Mcafee even bother listening to its own customers? Crikey.

All of these roguewares are bought via Plimus.com and there are more plastered on Mcafee SiteAdvisor warning people

"Antivirus 2010"
"AntiVirus Pro":
"AdWare Pro":
"AntiTrojanPro":
"AntiMalware Pro":
"Registry-Cleaner-Pro":
"iMunizator"

Google & Mcafee = Fail!

I did a few screenshots of the pages.

Edited links, sorry

 

Re the title of this thread, if Google is at fault, then so is Yahoo. I typically use Firefox with Adblock Plus. So, out of sheer curiosity, I fired up IE8, typed "avira" into Yahoo's search box, and Voila!:

 

Its incredible that these sites allowed to be advertised like this. I wonder how Avira feels about such sites targetting its potential customers.


EDITED LINKS sorry

 

A couple of points.

1) it looke to me from the disclaimer that the first site will allow you to download Avira free - and states you are paying for the support on the site. they also state they are not licensed to sell te software and have no relationship wwith Avira. his wont help them one bit - they have used the Avira logo without permision, which is unlwaful. The second site does not use the Avira logo, so i would guess could be seen to be legal in the face of it - this said, however, I would not advise anyone to enter their card details unless they want to be ripped off!

2) This thread needs to be removed as it is against forum ruless to post the URL of malware or phishing sites etc.

cant see any mods or admins online, but I will email them.

 

Thanks for the heads up, they do keep a list of known fake sites and providers, their list is here;

http://www.avira.com/en/support/beware_of_false_antivir_providers.html

 

Yes and no, there are banned trademark words you can't run in an Adwords campaign for instance search "Ebay" and you will only find ads by Ebay properties such as Paypal or Shopping.com or official partners despite 1,000's of other sites running the Ebay affiliate program.

Avira have an affiliate program here where you can setup a shop and sell their product. Some companies allow affiliates to use the products band name in online advertising, and others like Ebay don't.

So it's up to Avira to contact Google, establish ownership of the mark and request it be disallowed in campaigns by third party websites.

 

Don't we all know never to click on ads ?

 

I emailed Avira and they replied saying those websites will be flagged in the next AV updates.

 

Seems that more and more of the search engine's results can't be trusted. I have come across other sites when searching for security files and then my anti-virus alerted me that what I really installed was a keylogger.

The scary thing is .. if you don't know the direct link .. you search for it and believe the search results. I have heard that it isn't just "good people" getting their links sponsored now and no longer is it "if its sponsored it must be trusthworthy"... Now anyone can pay to get their site sponsored. After all, money talks.

Another scary thing is .. people will go on about how they tried a program and it works well and then suggest it to others (what happened to me is I believed the person knew what they were talking about) but if your security is not up to date you won't even know that what you downloaded actually is a trojan with a wonderful little surprise hiding inside it.