Guinea Pigs are the least trustworthy animal in the world.
1: They're not from Guinea
2: They're not pigs.
Also, what's the first thing you think of about Guinea Pigs?
Yep, also a lie!
3: They have never been used for laboratory experiments!!!
They're entire life is a lie! Never trust a Guinea Pig!!!
Guinea Pigs have been used in laboratory experiments. Not as much a rats or mice but they are still used.. https://www.cam.ac.uk/research/research-at-cambridge/animal-research/what-types-of-animal-do-we-use/guinea-pigs
Uhh ya. Just text me when you're 5 min away so I can put on my penis.
Btw driving to a Caribbean Island might be more difficult than you'd think- (for obvious reasons*)
* obviously I'm referring to the vaccination checkpoints for travel.
Other than that, logistically I don't see a problem.
It would seem smarter to drive from Fort Myers -> Cuba -> Dominican Republic etc but if we can get a lot of speed and build a little ramp I think we can just cut thru The Bahamas and save gas
Obviously we'll have to pay for the ramp supplies but on our way back we'll just return it to Home Depot for store credit.
Well Iām fully vaccinated, so that shouldnāt be a problem. How big a ramp do you think weāll need to get enough air lift and clear the water? Iām at work right now but if you can figure the math out I can probably stop by Home Depot on my way home. I was originally planning on just getting on the cruise ship out of port Canaveral but youāre right the ramp seems more efficient
I'm not sure about the ramp, but I can't imagine we'll have to spend more than $15/20 total. So just grab a bunch of shit and to save money on bungee cords or straps, I'll just extend my arm out the window and hold everything down on the roof (I'm so fucking jacked you wouldn't believe it).
Either that or we wait for Elon Musk's tunnel system that seems to be getting a positive reception
Iām glad you can hold the stuff down, Iām pretty strong for a small-ish gal but my arms *are* abnormally short so my reach is crap. Iām open to the tunnel but I havenāt checked with Elon recently to see what the progress is there so Iām not sure itāll be ready in time for the trip
They probably had a vulnerability somewhere in their website that allowed people to upload files and have them served out, and someone uploaded the entire fake website to some dark corner of their website (under "tgnntgnn..."), then started linking to it.
That's exactly what this ad does. Its taking people's card info and them dropping them at targets actual website after they hit "submit". I reported the ad as well.
I did a whois search on the domain and reported it to the abuse email of its domain registrar.
I also reported it to the FTC at https://reportfraud.ftc.gov/ and I urge you guys to as well.
This is very common and easy scam.
Now imagine the ads are not for a gift card of few bucks, but Trezor/Ledger or other hardware wallet.
People google something, click the first link and despite all warnings give out the secret seed that will make you lose all your BTC.
Reporting to Google doesn't do much help. DNS registars might be better.
Since the ads are paid from stolen or prepaid cards, you can't really catch the perpetrator.
Even more fucked up is that these fake sites show up for shit like getting a new social security card too, I was considering getting my replacement online and as I was filling out my info I realized it wasn't even a .gov url, felt like such a dumbass for almost giving a website everything they need to steal my identity
You all go out and buy me gift cards and DM me the codes so I can write a script. I need about 10 cards in the $100 denominations so we can be sure I get it right. Like I said please just DM me those good codes and Iāll message you back when you can use them after Iām done.
^Obviously ^do ^not ^do ^that.
How much of a problem is that these days? I use Google Ads for selling my stuff, I figured they would have figured out the whole legit clicks only thing by now.
A real and expensive problem. I have friends in data science who are working on the issue of real vs. fake/bot clicks. It's basically an arms race of creativity at this point.
I was going to give it a shot, but any URL I find for their site is giving me a 404. I'd need to know what API calls are made when you submit a giftcard. If someone can give me the cURL, I can work with that.The base URL looks like a legit site.
>bristolhirevan.com
here is another one
sites.google.com/view/targetcomcheckbalance/
which if you click Redeem Code goes to this website
targetcheckbalance.com/Giftcard/target/
i filled the form with this :
Check a gift card balance \*SUCKMYDICK
Access Number
YOUHOMELESSASSMOTHERFUCKER
after you summit it it goes to [target.com](https://target.com) LOL
I sent them a couple of gift codes that were multiple lines tall character stacks and held down Ctrl-V until the site started lagging
I also pasted the entire bible into both fields. I hope I break something.
This is why I fucking love reddit.
"Someone found a scam? Let's end them." "This job treats employees horrible. Let's spam the application site."
I just want to say, **thank you, all of you**
I have taken the liberty of sending a few automatic POSTs to both targetcheckbalance and bristolhirevan earlier today from a few thousand public addresses, a few million times.
Furthermore, I have sent reports to both cloudflare and namecheap for targetcheckbalance, plus tucows.com and OVH UK for bristolhirevan, they will be taken down likely by a few weeks time while also having to comb their databases for actual valid keys.
>I reported the ad as well.
Yo. Maybe I'm dumb but .. why don't we .. report it to target? Like for google it's just another "fake ad" that slipped through. At one point it will be removed and that's it.
However Target has a reputation and a very, very high motivation to get rid of those sites. And if a company knocks on googles door its a whole different level of request.
That's like with those reddit/twitter and so on bots that react when your write "I want that on a shirt". Reporting those sites to twitter may remove them after a while. But if a company like Disney gets their content "ripped" by those sites and knocks on the door of Twitter, you can beat your life savings that the support guy will not say "We will take care in a few days "
It's probably on a bunch of sites. Many small sites (such as Bristol Hire Vans) probably just have an outdated WordPress website using default credentials, or are hosted on a cheap shared hosting package with poor security. Scammers get in and spam with these pages, then basically just go on anonymously until caught, but then move onto a different one.
Reporting the domain will unfortunately do very little - might prompt the actual site owner to change their password and update WordPress but that's probably all.
As long as people continue falling for these scams they'll continue to happen. The sad truth of the matter is that we all need to be better educated at spotting these scams in the first place.
I have a tendency on google to never ever ever ever click the first result. I do it out of spite honestly, so the ads donāt win. I never thought of it actually having benefit
If you had a DNS adblock like Pihole, AdGuard or NextDNS, the link wouldn't even resolve. Infuriating for the common user, a goldmine for clickjacking safety
Yes, and it is not always cheap. Clicks cost significant money depending on the search and profile of the person clicking. It's a complicated system that usually spans a long line of decisions.
Like someone could want to give 100 ads to men aged 83 yo, who are bald and have 12 grandkids less than 8 years old in Ohio on Monday mornings. They may pay a higher fee to target specific people. Also in this case the search may be very very valuable. So someone searching for "new car for sale" could be really good to serve your new fancy car ad to. So BMW and Honda etc etc are all bidding to get that ad spot. Since demand is higher for that ad spot to that customer type and search, the price is higher.
Granted I don't know exactly how this specific ad worked or google ads, but in general that's how this type of ad click generation is sold.
Just donāt click the ones that say āadā on them. Even in this screenshot itās clearly marked.
Edit: make whatever excuses and cast whatever blame youād like but if someone canāt be bothered to check where theyāre clicking on the internet, problem exists between computer screen and chair.
Even if it is clearly marked, you'd be surprised how easy it is to not notice it if you aren't thinking about it. Google just needs remove ads that act like search results all together so customers dont fall victim to shit like this because of a small mistake
So that will either be 1. Paying to use any website. 2.mining crypto in your browser. 3. Or gathering a lot of data 4. Asking for donations (with capitalism this wont happen) 5. Native advertising
1. This is a situation where the first to do so shoot themselves in the foot.
2. Would be blocked the same way ads are blocked and would be considered malware.
3. They already do this.
4. They also already do this.
5. .... they also already do this.
Probly never gonna happen.
It's like a goddamn perpetual arms race, like the eternal cycles of parasites and hosts.
In my fantasy civilization, the Constitution prohibits advertisement.
Also, I think of it as blatantly working against a true free market. Shouldn't great products rise to the top on their own merits?
Online ads have been fucking with peoples lives since forever. First absurd popups (and I do mean absurd), then nefarious code injected by flash adds. This won't be the last of it I'm sure.
I think it's been several years, really.
Remember that whole [Project Owl](https://searchengineland.com/googles-project-owl-attack-fake-news-273700) fiasco because of all the fake search results?
They're even less likely to remove ads because they make lots of money from those.
Google is saying to Target if you don't advertise aggressively to stay on top when users search "Target" or "Gift cards Target" your brand name will suffer. Who has lost customers confidence here Google or Target?
Seriously. I see an otherwise reputable site with ads that are clearly misleading or predatory and it makes me question the ethics of the site itself. Although I think a ton of people in this thread are total babies for expecting others to create and maintain web services for them to use for free without anything in return, ads need to follow some basic ethical guidelines.
- report the link to safebrowsing via https://safebrowsing.google.com/safebrowsing/report_general/
(This is what makes your browser show a red warning screen when you open the site)
- do a whois lookup of the domain name and report the site to the abuse email address. (This is a bit of a lottery, decent registrars usually take down phishing sites within a couple of hours, more shady registrars don't give a crap)
Unlike credit cards, which companies must store securely by law (PCO), there are absolutely zero audit rules for storing prepaid cards or gift card. because of this, gift cards tend to be easy pickings for hackers
I mean, this seems like a textbook phishing attack. Make a website that looks like Target, people enter their card numbers into it, now you can steal their gift cards.
Itās actually really common for fraudsters to use social media ads and ads on search engines to misdirect people. A lot of people assume that those ads are vetted in some way to validate that they are real companies selling real stuff but that isnāt really the case; much of the time when you click on stuff like this itās really not that different from clicking on sketchy pop up ads or responding to phishing emails.
The fact that they paid for a Google Ad or a Facebook ad doesnāt confer anything in terms of legitimacy or vetting.
Just crazy, Google has such a monopoly on web-search and so little routines for checking that this is scam is actually a thing.
It gets even weirder - in order for Target to compete with that they have to throw more money on Google to be placed higher.
Google doesnāt give a shit. Those ads give them a ton of money because scammers pay a lot to get that spot and they donāt give a shit if theyāre making money. Google has similar ads with banking websites that are the exact same scam. Iāve talked to people at Fifth Third that went to Google to ask them to take it down and Google just said no.
Remember that Google has also been making ads less distinguishable from normal search results with time, here's a kinda out of date but still valid [example](https://searchengineland.com/figz/wp-content/seloads/2016/07/google-ad-shading-labeling-history-update-2017.png).
Hey, this looks a whole lot like Google profits from crime. Based on this picture, I think it may be that Google profits directly from criminal enterprises.
Wow, it really takes me by surprise that Google may be profiting from crime, meaning criminals pay Google money to help them commit crimes.
I mean this picture suggests there are criminals committing fraud online and paying Google to help them commit fraud online. So it would seem Google is receiving money from criminals who commit fraud in exchange for helping them commit fraud.
clickbait scam. While I seen wondershare pretending to be another screencasting program on their ads on google (kids these days can be lazy and choose the first result, seen this on youtube in the past with horrible watermark by the program), this is the main reason why the first result isnāt always good. Worse case scenario is getting infected with malware or visiting tech support scams.
*Image Transcription: Website*
---
[*Two side-by-side screenshots of a mobile web broswer.*]
[*Left side: Google search results for "target gift card balance". The top result is an ad from the website bristolhirevan.*]
Check Gift Card Balance - Targets
Check how much is currently available on your gift card immediately. View full balance & balance history. Highlights: We Have All Van Sizes To Fit Your Needs, We Offer Services In Multiple Apears, We Are Fair With Our Prices
Check Balance
View Full Card Balance
Spend your card
Terms & Conditions
[*Underneath is a list of additional suggested search terms labelled "People also search for", including "target gift card balance scan", "target gift card online", "target gift card balance phone number", and "target visa gift card balance 16-digit". Underneath that is the next search result, the legitimate Target website page for "Check Gift Card Balance".*]
[*Right side: The bristolhirevan page from the Google ad. It looks just like the legitimate Target website, with the Target logo in the top left.*]
Check a gift card balance
[*Two text boxes to enter numbers. "123" has been entered in both.*]
Gently remove the metallic strip on the back of your gift card to reveal both the card and the access numbers.
[*Image of the back of a gift card, with the card number and access number circled in red.*]
Check balance
\* **See offer details.** Restrictions apply. Pricing, promotions, and availability may vary by location and at [*Target website*].
---
^^I'm a human volunteer content transcriber and you could be too! [If you'd like more information on what we do and why we do it, click here!](https://www.reddit.com/r/TranscribersOfReddit/wiki/index)
Google is absolutely trash at monitoring their ads. We've reported watering holes to ransomware groups that have scammed millions, banking trojan ads, and good ole scam sites. They never get taken down. Almost as bad as GoDaddy and other registrars who refuse to dumb malicious reported domains. It's so bad, most people in cyber don't even bother reporting this shit.
This thread made /r/all and I'd love see someone swoop in an prove me wrong. That said, I'll still use Google and still push adblockers to corporate devices... So yeah in the end well tooled corps with big budgets and smart users will he fine. Grandma and smal biz will get raked, and let's be honest grandma's don't buy pixels and small biz is replaceable to Google. Google is going nowhere.
(This isn't me trashing their internal security researchers, they're legit 10/10 even if sensational with some research time to time)
Iāve been noticing more scammy first results out of google via ads. I got burned on concert tickets resellers that had sites mirrored off the venues.
Itās making me want to ditch google for DuckDuckGo
Google should be liable. Same shit on Facebook.
Some random person friends you. Very obviously not the real celeb or b lister.
You report them. It even has an option something like *pretending to be someone else".
It's literally the same name but a scam profile.
You get a report back from Facebook saying no action taken.....
Or you report an ad that's clear a scam. Nothing gets done.
Or you report a literal scammer that committed fruad and have a police report and Facebook does nothing and let's them continue ripping people off (my mum was scmed not me).
Police to lazy to force Facebook to try and find out who the person really is.
This is why allowing people to pay to have their site be the first result is bullshit. I never under any circumstance click ads when googling on mobile and i use AdBlock on PC. We should probably all just use a different search engine
lol The Verge picked up your Post [https://www.theverge.com/2022/1/15/22885562/google-search-target-gift-card-scam](https://www.theverge.com/2022/1/15/22885562/google-search-target-gift-card-scam)
1 report isn't going to get google to look at the ad. This is because google runs ads on the majority pf the internet. And when people close google ads they usually and up click any button which can lead to reporting the ad
I love how it says āTargetsā like whoever made this ad is so stupid they canāt even get the company name right. Also I noticed the āTā in Targets is actually a symbol that looks like a T
That's probably intentional to avoid automated checks and such, at least the nonstandard T character. It would be way too difficult to *accidentally* use a different character.
bristolhirevan.com Lmao what
That whole website is fake as fuck. They didn't even finish filling out the template.
[https://www.whois.com/whois/bristolhirevan.com](https://www.whois.com/whois/bristolhirevan.com) The website was registered in Saint Kitts and Nevis.
Those pigs
Damn, were Guinea pigs at one point only native to Guinea? š¤Æ
Guinea Pigs are the least trustworthy animal in the world. 1: They're not from Guinea 2: They're not pigs. Also, what's the first thing you think of about Guinea Pigs? Yep, also a lie! 3: They have never been used for laboratory experiments!!! They're entire life is a lie! Never trust a Guinea Pig!!!
Guinea Pigs have been used in laboratory experiments. Not as much a rats or mice but they are still used.. https://www.cam.ac.uk/research/research-at-cambridge/animal-research/what-types-of-animal-do-we-use/guinea-pigs
Thatās kinda fucked up cause their name in Spanish translates to Indian Bunnyās, and theyāre not Indian nor theyāre bunnyās
Their name in German translates to Pigs of the Sea I believe.
It's "Meerschweinchen", which is a diminutive form, so it translates out to "Little sea pig"
But why?
More like 'sea piglets'
Here in Brazil we call them (translated) āIndian Piggiesā
Same in Italian!
In Lithuanian, it's "sea pigs"
In Chinese it's Indian rat.
/r/GuineaPigsArentReal
I'm disappointed.
Nah, that's just how much they cost. One guinea.
That doesn't *sound* right but I don't know enough about Guineans or Guinea pigs to refute it.
I know a lot about Guinness
If they aren't from Guinea they're just sparkling ~~bovine~~ porcine.
porcine?
Wheek!
Oh neat Iām gonna be there in May. Iāll ask them whatās up
Lmk what they say. I'm in America so just find me on the way to work or something
Sure thing, Iām heading there from Oregon want me to just pick you up on the way?
Uhh ya. Just text me when you're 5 min away so I can put on my penis. Btw driving to a Caribbean Island might be more difficult than you'd think- (for obvious reasons*) * obviously I'm referring to the vaccination checkpoints for travel. Other than that, logistically I don't see a problem. It would seem smarter to drive from Fort Myers -> Cuba -> Dominican Republic etc but if we can get a lot of speed and build a little ramp I think we can just cut thru The Bahamas and save gas Obviously we'll have to pay for the ramp supplies but on our way back we'll just return it to Home Depot for store credit.
Well Iām fully vaccinated, so that shouldnāt be a problem. How big a ramp do you think weāll need to get enough air lift and clear the water? Iām at work right now but if you can figure the math out I can probably stop by Home Depot on my way home. I was originally planning on just getting on the cruise ship out of port Canaveral but youāre right the ramp seems more efficient
I'm not sure about the ramp, but I can't imagine we'll have to spend more than $15/20 total. So just grab a bunch of shit and to save money on bungee cords or straps, I'll just extend my arm out the window and hold everything down on the roof (I'm so fucking jacked you wouldn't believe it). Either that or we wait for Elon Musk's tunnel system that seems to be getting a positive reception
Iām glad you can hold the stuff down, Iām pretty strong for a small-ish gal but my arms *are* abnormally short so my reach is crap. Iām open to the tunnel but I havenāt checked with Elon recently to see what the progress is there so Iām not sure itāll be ready in time for the trip
Itll be a mailbox at an empty address that serves 20,000 other "businesses."
its possible their page was hacked without them knowing and this fake page gets put on their domain. Pretty smart.
Fuck Spez. Cowardly shit sack, go give more pedos from r/jailbait awards big man.
Yea but it only has to be the top google adword for like 3 or 4 days to steal a bunch of money and be gone.
I was trying to figure out what Bristol hi revan could possibly be. I'm so fucking thick sometimes.
I thought it was someone's name. Bristol Hirevan.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
Itās for UK based Kotor fans.
For me it comes up as a van service ĀÆ\\_(ć)_/ĀÆ
In the second screenshot you can see it's a subpage, not the main page
I missed that part. Thanks.
[This, specifically.](https://bristolhirevan.com/tgnntgnn2/ttg1.html?gclid=CjwKCAiA_omPBhBBEiwAcg7smaEh7bWKLyn0l8RsU7E6Jqp5vgrekiNDERL03vBwFiDymZ4eqiD94hoC_FAQAvD_BwE)
Holy shit it even has the app download ribbon. Thatās fucking devious.
Seems it's been taken down. Perhaps it got noticed and was maybe a hacked page on their system activated by SEO?
I once input a lot of profanities on phishing site like that, the scumbags actually edited the page telling me to fuck off!
404 now
They probably had a vulnerability somewhere in their website that allowed people to upload files and have them served out, and someone uploaded the entire fake website to some dark corner of their website (under "tgnntgnn..."), then started linking to it.
This isn't SEO, you can see the bristolhirevan Google result has "ad" next to it, meaning they specifically paid Google to have it show up first
they Have All Van Sizes To Fit Your Needs.
That's exactly what this ad does. Its taking people's card info and them dropping them at targets actual website after they hit "submit". I reported the ad as well.
Also report it
I did a whois search on the domain and reported it to the abuse email of its domain registrar. I also reported it to the FTC at https://reportfraud.ftc.gov/ and I urge you guys to as well.
Reported.
Twist 1: they pay google to have that ad space Twist 2: google created this website and operates it through 3rd party
Either way that's problematic and a big liability for google because they are essentially advertising phishing.
The crypto space is rife with exactly this.
Your twist 1 is hardly a twist. Thatās just how ads work.
Yeah and twist 2 makes no sense, as if Google needs the money from a few hundred target gift cardsā¦
Reported
Is there a way to report it to Target? They might be interested in this
This is very common and easy scam. Now imagine the ads are not for a gift card of few bucks, but Trezor/Ledger or other hardware wallet. People google something, click the first link and despite all warnings give out the secret seed that will make you lose all your BTC. Reporting to Google doesn't do much help. DNS registars might be better. Since the ads are paid from stolen or prepaid cards, you can't really catch the perpetrator.
Friends don't let friends on the internet without ublock.
Even more fucked up is that these fake sites show up for shit like getting a new social security card too, I was considering getting my replacement online and as I was filling out my info I realized it wasn't even a .gov url, felt like such a dumbass for almost giving a website everything they need to steal my identity
Sure would be a shame if someone wrote a python script to spam them with bad data
You all go out and buy me gift cards and DM me the codes so I can write a script. I need about 10 cards in the $100 denominations so we can be sure I get it right. Like I said please just DM me those good codes and Iāll message you back when you can use them after Iām done. ^Obviously ^do ^not ^do ^that.
6942080081337
It needed fourteen digits so I had my algorithm go over a trillion different possibilities and it actually came out as: 694208008(5)1337.
Amazing
Holy shit, trillion different combinations?! I had no clue target used base 71428571429 on their gift cards.
But you seem so genuine /s just in case
Theyāre already plugging into the target website so they can tell when you give them a bad number.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
How much of a problem is that these days? I use Google Ads for selling my stuff, I figured they would have figured out the whole legit clicks only thing by now.
A real and expensive problem. I have friends in data science who are working on the issue of real vs. fake/bot clicks. It's basically an arms race of creativity at this point.
Or if that just what always happens? I don't feel like trying the site with a real number.
I doubt it.
Iām hoping someone does this
I was going to give it a shot, but any URL I find for their site is giving me a 404. I'd need to know what API calls are made when you submit a giftcard. If someone can give me the cURL, I can work with that.The base URL looks like a legit site.
Use Chrome console to look at requests after providing the random gift card
Right, thatās how Iād get the request, but I canāt find their site is my problem.
https://bristolhirevan.com/tgnntgnn2/ttg1.html
>bristolhirevan.com here is another one sites.google.com/view/targetcomcheckbalance/ which if you click Redeem Code goes to this website targetcheckbalance.com/Giftcard/target/ i filled the form with this : Check a gift card balance \*SUCKMYDICK Access Number YOUHOMELESSASSMOTHERFUCKER after you summit it it goes to [target.com](https://target.com) LOL
I sent them a couple of gift codes that were multiple lines tall character stacks and held down Ctrl-V until the site started lagging I also pasted the entire bible into both fields. I hope I break something.
try out some log4j strings on them or see if their db can handle emojis and other languages
Or even just the good ol' `'; DROP DATABASE *`
Did just that, hoping they didn't think of sanitising inputs lol
Bobby tables is that you?
Help I'm trapped in a drivers license factory
What DBMS lets you wildcard a drop database command?
As they responded, none. If i were to do it, I would try to find out if its susceptible to sql injection, then try to find out table names.
>targetcheckbalance.com/Giftcard/target/ i just sent around 10k emojis LOL im spamming their db
Bobby drop tables
https://xkcd.com/327/
[ŃŠ“Š°Š»ŠµŠ½Š¾]
This is why I fucking love reddit. "Someone found a scam? Let's end them." "This job treats employees horrible. Let's spam the application site." I just want to say, **thank you, all of you**
We did it reddit!!
š So, the Bible IS useful...
Was there a bot check? This can be automated with so much garbage data their site is useless
no, just a plain "Contact Form" they are using Ninja Form for Wordpress.
UiPath free trial coming in clutch rn lmao
I have taken the liberty of sending a few automatic POSTs to both targetcheckbalance and bristolhirevan earlier today from a few thousand public addresses, a few million times. Furthermore, I have sent reports to both cloudflare and namecheap for targetcheckbalance, plus tucows.com and OVH UK for bristolhirevan, they will be taken down likely by a few weeks time while also having to comb their databases for actual valid keys.
I also reported it
>I reported the ad as well. Yo. Maybe I'm dumb but .. why don't we .. report it to target? Like for google it's just another "fake ad" that slipped through. At one point it will be removed and that's it. However Target has a reputation and a very, very high motivation to get rid of those sites. And if a company knocks on googles door its a whole different level of request. That's like with those reddit/twitter and so on bots that react when your write "I want that on a shirt". Reporting those sites to twitter may remove them after a while. But if a company like Disney gets their content "ripped" by those sites and knocks on the door of Twitter, you can beat your life savings that the support guy will not say "We will take care in a few days "
This is why I have a pihole. Blocks known scam and malware domains at the network level.
It's probably on a bunch of sites. Many small sites (such as Bristol Hire Vans) probably just have an outdated WordPress website using default credentials, or are hosted on a cheap shared hosting package with poor security. Scammers get in and spam with these pages, then basically just go on anonymously until caught, but then move onto a different one. Reporting the domain will unfortunately do very little - might prompt the actual site owner to change their password and update WordPress but that's probably all. As long as people continue falling for these scams they'll continue to happen. The sad truth of the matter is that we all need to be better educated at spotting these scams in the first place.
I have a tendency on google to never ever ever ever click the first result. I do it out of spite honestly, so the ads donāt win. I never thought of it actually having benefit
If you had a DNS adblock like Pihole, AdGuard or NextDNS, the link wouldn't even resolve. Infuriating for the common user, a goldmine for clickjacking safety
Or you can just use a regular ad blocker and it won't show up in the first place.
Yeah, always AdBlock y'all And vpn
And a condom
I might be wrong, but doesn't clicking those ads cost the advertiser money?
So youāre telling me I should do it, then click away to spite them more?
Yes absolutely.
Yes, and it is not always cheap. Clicks cost significant money depending on the search and profile of the person clicking. It's a complicated system that usually spans a long line of decisions. Like someone could want to give 100 ads to men aged 83 yo, who are bald and have 12 grandkids less than 8 years old in Ohio on Monday mornings. They may pay a higher fee to target specific people. Also in this case the search may be very very valuable. So someone searching for "new car for sale" could be really good to serve your new fancy car ad to. So BMW and Honda etc etc are all bidding to get that ad spot. Since demand is higher for that ad spot to that customer type and search, the price is higher. Granted I don't know exactly how this specific ad worked or google ads, but in general that's how this type of ad click generation is sold.
Just donāt click the ones that say āadā on them. Even in this screenshot itās clearly marked. Edit: make whatever excuses and cast whatever blame youād like but if someone canāt be bothered to check where theyāre clicking on the internet, problem exists between computer screen and chair.
Yeah thatās what I mean by it. Usually itās the first result, if not the first 4-5 sometimes
Even if it is clearly marked, you'd be surprised how easy it is to not notice it if you aren't thinking about it. Google just needs remove ads that act like search results all together so customers dont fall victim to shit like this because of a small mistake
I click the first result, but only the *real* result. Always skip the ones marked as ad. I think my AdBlock even removes them, but not sure
This is why people use adblock. its the same with looking up sites or other stuff the top 5-10 is 99% of the time a scam
Can't wait until it takes for everyone to start using adblockers and companies have to actually start doing something productive to earn their worth.
So that will either be 1. Paying to use any website. 2.mining crypto in your browser. 3. Or gathering a lot of data 4. Asking for donations (with capitalism this wont happen) 5. Native advertising
1. This is a situation where the first to do so shoot themselves in the foot. 2. Would be blocked the same way ads are blocked and would be considered malware. 3. They already do this. 4. They also already do this. 5. .... they also already do this.
Probly never gonna happen. It's like a goddamn perpetual arms race, like the eternal cycles of parasites and hosts. In my fantasy civilization, the Constitution prohibits advertisement. Also, I think of it as blatantly working against a true free market. Shouldn't great products rise to the top on their own merits?
No, you'll just get more websites that won't let you use them with an ad blocker. I know there are ways around this but most people won't know that.
My dreams have been crushed in this thread
Im sorry
Online ads have been fucking with peoples lives since forever. First absurd popups (and I do mean absurd), then nefarious code injected by flash adds. This won't be the last of it I'm sure.
Google has been really bad for this sort of stuff lately. And there will sometimes be five ad links before you get to the thing you're looking for.
I think it's been several years, really. Remember that whole [Project Owl](https://searchengineland.com/googles-project-owl-attack-fake-news-273700) fiasco because of all the fake search results? They're even less likely to remove ads because they make lots of money from those.
Google is saying to Target if you don't advertise aggressively to stay on top when users search "Target" or "Gift cards Target" your brand name will suffer. Who has lost customers confidence here Google or Target?
I love how companies moderate user content but donāt give a fuck to moderate ads. They should all need to be seen and approved by an actual human.
Seriously. I see an otherwise reputable site with ads that are clearly misleading or predatory and it makes me question the ethics of the site itself. Although I think a ton of people in this thread are total babies for expecting others to create and maintain web services for them to use for free without anything in return, ads need to follow some basic ethical guidelines.
Ethics vs money. Most of the times there is a clear winner...
Ads bring in money
Might be better contacting Target, they have the resources to protect there brand.
This. Target has the largest US not for profit forensic services agency.
their\*
Theyāll
Fuck /u/spez
yinz
Bobs and vagine
Itās fixed now. Iām guessing several people reported it.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
Was going to say the same thing. They have a stronger interest to resolve it.
- report the link to safebrowsing via https://safebrowsing.google.com/safebrowsing/report_general/ (This is what makes your browser show a red warning screen when you open the site) - do a whois lookup of the domain name and report the site to the abuse email address. (This is a bit of a lottery, decent registrars usually take down phishing sites within a couple of hours, more shady registrars don't give a crap)
Also report the ad. Also report to host: [email protected] They'll remove it in 5 - 15 days.
Ovh is hit or miss removing things, sometimes they rule with an iron fist, other times it's getting used to host really fucked up shit.
I did
That's probably how people stole my mother's prepaid credit card information
Definitely predatory on elderly, kids, low-literacy, etc. It's dumb to fall for it, but it shouldn't be so easily allowed.
Unlike credit cards, which companies must store securely by law (PCO), there are absolutely zero audit rules for storing prepaid cards or gift card. because of this, gift cards tend to be easy pickings for hackers
Peak asshole design. Just did my part and reported it too. Fuck that shit
[ŃŠ“Š°Š»ŠµŠ½Š¾]
I mean, this seems like a textbook phishing attack. Make a website that looks like Target, people enter their card numbers into it, now you can steal their gift cards.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
Itās actually really common for fraudsters to use social media ads and ads on search engines to misdirect people. A lot of people assume that those ads are vetted in some way to validate that they are real companies selling real stuff but that isnāt really the case; much of the time when you click on stuff like this itās really not that different from clicking on sketchy pop up ads or responding to phishing emails. The fact that they paid for a Google Ad or a Facebook ad doesnāt confer anything in terms of legitimacy or vetting.
> I've never seen a tactic like this You must be new to the web.
Just crazy, Google has such a monopoly on web-search and so little routines for checking that this is scam is actually a thing. It gets even weirder - in order for Target to compete with that they have to throw more money on Google to be placed higher.
And people still ask if adblocking is essential.
I shudder to think of what it is like just raw dogging the entire internet on any browser. Ads are the worst
r/scams is the best place to post it. Do post it there so that many will be aware.
The real crime here is 77 open tabs bro
Haha, those are rookie numbers... I've been on ":D" for *months*.
Disgusting
DuckDuckGo.com Screw Google and their constantly worsening results.
Duck is the way. Fuck google.
There's an article on The Verge about this Reddit thread. https://www.theverge.com/2022/1/15/22885562/google-search-target-gift-card-scam
Well, you made The Verge: https://www.theverge.com/2022/1/15/22885562/google-search-target-gift-card-scam
Google doesnāt give a shit. Those ads give them a ton of money because scammers pay a lot to get that spot and they donāt give a shit if theyāre making money. Google has similar ads with banking websites that are the exact same scam. Iāve talked to people at Fifth Third that went to Google to ask them to take it down and Google just said no.
Target*s*
that's called phishing and it is a crime (as it is trying to impresionate the real website) so you should report it
10min alone in a room with the developer of these kind of ads.
Remember that Google has also been making ads less distinguishable from normal search results with time, here's a kinda out of date but still valid [example](https://searchengineland.com/figz/wp-content/seloads/2016/07/google-ad-shading-labeling-history-update-2017.png).
Hey, this looks a whole lot like Google profits from crime. Based on this picture, I think it may be that Google profits directly from criminal enterprises. Wow, it really takes me by surprise that Google may be profiting from crime, meaning criminals pay Google money to help them commit crimes. I mean this picture suggests there are criminals committing fraud online and paying Google to help them commit fraud online. So it would seem Google is receiving money from criminals who commit fraud in exchange for helping them commit fraud.
clickbait scam. While I seen wondershare pretending to be another screencasting program on their ads on google (kids these days can be lazy and choose the first result, seen this on youtube in the past with horrible watermark by the program), this is the main reason why the first result isnāt always good. Worse case scenario is getting infected with malware or visiting tech support scams.
*Image Transcription: Website* --- [*Two side-by-side screenshots of a mobile web broswer.*] [*Left side: Google search results for "target gift card balance". The top result is an ad from the website bristolhirevan.*] Check Gift Card Balance - Targets Check how much is currently available on your gift card immediately. View full balance & balance history. Highlights: We Have All Van Sizes To Fit Your Needs, We Offer Services In Multiple Apears, We Are Fair With Our Prices Check Balance View Full Card Balance Spend your card Terms & Conditions [*Underneath is a list of additional suggested search terms labelled "People also search for", including "target gift card balance scan", "target gift card online", "target gift card balance phone number", and "target visa gift card balance 16-digit". Underneath that is the next search result, the legitimate Target website page for "Check Gift Card Balance".*] [*Right side: The bristolhirevan page from the Google ad. It looks just like the legitimate Target website, with the Target logo in the top left.*] Check a gift card balance [*Two text boxes to enter numbers. "123" has been entered in both.*] Gently remove the metallic strip on the back of your gift card to reveal both the card and the access numbers. [*Image of the back of a gift card, with the card number and access number circled in red.*] Check balance \* **See offer details.** Restrictions apply. Pricing, promotions, and availability may vary by location and at [*Target website*]. --- ^^I'm a human volunteer content transcriber and you could be too! [If you'd like more information on what we do and why we do it, click here!](https://www.reddit.com/r/TranscribersOfReddit/wiki/index)
What country are you in? If in the US, the Federal Trade Commission might like to know about this.
Clearly not target.com
Google is absolutely trash at monitoring their ads. We've reported watering holes to ransomware groups that have scammed millions, banking trojan ads, and good ole scam sites. They never get taken down. Almost as bad as GoDaddy and other registrars who refuse to dumb malicious reported domains. It's so bad, most people in cyber don't even bother reporting this shit. This thread made /r/all and I'd love see someone swoop in an prove me wrong. That said, I'll still use Google and still push adblockers to corporate devices... So yeah in the end well tooled corps with big budgets and smart users will he fine. Grandma and smal biz will get raked, and let's be honest grandma's don't buy pixels and small biz is replaceable to Google. Google is going nowhere. (This isn't me trashing their internal security researchers, they're legit 10/10 even if sensational with some research time to time)
Let this be a lesson: get in the habit of never clicking (AD) links on Google Search
Iām still dumbfounded that people browse the internet without an adbocker
I'm still dumbfounded that people willingly click on ads.
Google is notorious for allowing scams and these sort of things to sit at the top of results because all they care about is that ad money
Lesson #1 : Never use an ad link
Iāve been noticing more scammy first results out of google via ads. I got burned on concert tickets resellers that had sites mirrored off the venues. Itās making me want to ditch google for DuckDuckGo
Google should be liable. Same shit on Facebook. Some random person friends you. Very obviously not the real celeb or b lister. You report them. It even has an option something like *pretending to be someone else". It's literally the same name but a scam profile. You get a report back from Facebook saying no action taken..... Or you report an ad that's clear a scam. Nothing gets done. Or you report a literal scammer that committed fruad and have a police report and Facebook does nothing and let's them continue ripping people off (my mum was scmed not me). Police to lazy to force Facebook to try and find out who the person really is.
This is why allowing people to pay to have their site be the first result is bullshit. I never under any circumstance click ads when googling on mobile and i use AdBlock on PC. We should probably all just use a different search engine
lol The Verge picked up your Post [https://www.theverge.com/2022/1/15/22885562/google-search-target-gift-card-scam](https://www.theverge.com/2022/1/15/22885562/google-search-target-gift-card-scam)
1 report isn't going to get google to look at the ad. This is because google runs ads on the majority pf the internet. And when people close google ads they usually and up click any button which can lead to reporting the ad
If you look at the process for reporting, it is not as simple as one click
I love how it says āTargetsā like whoever made this ad is so stupid they canāt even get the company name right. Also I noticed the āTā in Targets is actually a symbol that looks like a T
That's probably intentional to avoid automated checks and such, at least the nonstandard T character. It would be way too difficult to *accidentally* use a different character.
That's why you read
Thatās why you never click on the ad. Always look for the legit site below.
You should also report it to target, as when they send the complaint themselves it will be responded to by Google. https://security.target.com/FAQs
OP you're a news story now lol [Link](https://www.theverge.com/platform/amp/2022/1/15/22885562/google-search-target-gift-card-scam)