It's 2025... so why are obviously malicious advertising URLs still going strong?

SUMMARY :

In 2025, a phishing email containing a malicious link redirected through Google Ads was received by the Internet Storm Center. The link led to a credential-stealing page hosted on a dynamic DNS service. Despite being clearly fraudulent and detected by VirusTotal, the ad redirect remained active for over a week. The article questions why major ad providers like Google aren't implementing basic security measures to prevent such obvious threats. It suggests that ad companies should filter out links to domains unsuitable for legitimate ads and regularly check landing pages for malicious content. The author argues that this should be the minimum expected from ad providers in 2025, especially given the availability of AI and tools like VirusTotal for threat detection.

OPENCTI LABELS :

phishing,google ads,malicious urls,threat detection,ad providers,dynamic dns,security measures


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


It's 2025... so why are obviously malicious advertising URLs still going strong?