greasyfork-org / greasyfork

An online repository of user scripts.
https://greasyfork.org
GNU General Public License v3.0

Google Ads under the install button showing scam ads #1108

Closed oasis closed 1 year ago

oasis commented 1 year ago

The Google ads under the “Install Script” button are sometimes targeted by phishing websites and scams. I’ve had multiple people report to me in the past few days that they were charged on their credit cards and were confused when they didn’t get my script. Turns out they clicked on the fake buttons in the ads. I don’t know if these scammers just started buying these ads in the past few days, because my script has been published for a couple of months now, and all the complaints have come up in the past few days.


JasonBarnabe commented 1 year ago

To be clear, are you saying that the URL that these ads send you to is phishing/scams, or that the general visual format of the ads is something you consider to be phishing/scams?

oasis commented 1 year ago

The URLs these ads send you to are mostly scams or deceptive websites that take your credit card details and charge you monthly after a "trial" which they make very hard or impossible to cancel. The visual format of the ads is misleading people into thinking they are actually clicking on Greasy Fork UI elements. The users may end up thinking either I scammed them, or Greasy Fork scammed them.

See, for example, the case in the original screenshots, streaming-now.net. When you click through, the website simply gives you a form asking for an email and password, then proceeds to ask for your credit card. At this point many people think they are paying for some userscript, because the website never tells you what you're paying for when they are taking your payment details. That is unfortunately a moot point, anyway, because people who have fallen for this particular scam website have reported that there is nothing to log in to after your credit card details are taken, and no actual streaming to watch, it just "pops up with more ads."

I've tried to go through the process myself (you can try for yourself at streaming dash net dot com slash activation), and the payment page isn't even on streaming-now dot com, it sends you off site to fnaodb dot com. If you are on mobile, there is no visible text on the payment page that tells you anything about what you are paying for, but the fine print actually is on the page; you just have to scroll right instead of down. They gave the content wrapper a 300% width with three 100% width columns inside, and then display the fine print in the third column on the very right. The fine print, for what it's worth, has nothing to do with streaming. At the moment, it says:

Membership is 100% FREE. Your credit card serves as a way to determine your geographical location, so we can deliver the appropriately licensed content in your correct language. Your lifetime free access to Mega Fun Games includes a 2 day FREE trial membership to Find My Forever Mate. If after 2 days you choose to remain a member of Find My Forever Mate and not cancel your free trial, your membership will renew at $39.99 and will recur monthly until such time as you cancel it. Your membership to Mega Fun Games will remain Free for Life. Take advantage of your free membership and enjoy our amazing library of content!

Neither Mega Fun Games nor Find My Forever Mate has anything to do with streaming, which is what is offered before you click through to payment, and this fine print is effectively hidden so no reasonable person could get a chance to read it. Based on the parts of the user flow that the user can actually read, they are purchasing a streaming service, so even if the onus is on the user to read properly, I would still consider this a scam.

Here are some online user reports:

https://scammer.info/t/fake-streaming-website/113675
https://www.reddit.com/r/Scams/comments/z05dld/stremingnownet/
https://www.scamadviser.com/check-website/streaming-now.net

I have reported this ad to Google, but I don't know how many more of them there are, and based on past experience, I don't feel like Google takes this seriously enough. I'm sure these sites have a prepared script ready to appeal to Google why they're not a scam, because "everything is clearly explained". Since most of the reviewers are working on desktop, they will often buy in to these claims.

I understand that it is not at all your fault that fraudulent sites are buying ads on your site, but I think this is detrimental to the community, and to the reputation of script authors and the Greasy Fork team, and should probably be addressed to prevent further harm to users.

The easy short-term fix would be to blacklist these sites on Adsense: https://support.google.com/adsense/answer/164657?hl=en&ref_topic=11277793 However, nothing is stopping these scammers from setting up shop in an entirely new domain.

A second more long-term approach would be to change the position of the ads to make them less susceptible to visual misdirections like this, and perhaps add a clear warning so users steer clear of them.
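
An added example, not part of the issue thread or of Greasy Fork's code: a check a landing-page reviewer could run to catch the layout described in the comment above, where billing terms sit in a column that is only reachable by scrolling sideways. The function names, the keyword list and the sample layout are assumptions made for illustration; the sample fine-print string is taken from the text quoted in the comment.

```javascript
// Words that suggest a block carries billing terms (assumed list, tune as needed).
const BILLING_TERMS = /\b(renew|recur|trial|membership|cancel)\b|\$\d/i;

// Each block is { text, left, width } in CSS pixels measured from the page's
// left edge. A block whose left edge is at or past the viewport width cannot
// be seen without horizontal scrolling.
function findSidewaysHiddenText(blocks, viewportWidth) {
  const withText = blocks.filter((b) => b.text.trim().length > 0);
  const hidden = withText.filter((b) => b.left >= viewportWidth);
  const totalChars = withText.reduce((n, b) => n + b.text.length, 0);
  const hiddenChars = hidden.reduce((n, b) => n + b.text.length, 0);
  return {
    hidden,
    hiddenShare: totalChars === 0 ? 0 : hiddenChars / totalChars,
    // Billing terms that are off-screen are the condition worth escalating.
    billingTermsHidden: hidden.some((b) => BILLING_TERMS.test(b.text)),
  };
}

// Browser-side helper: builds the block list from a live page at the current
// viewport size. Defined for use in a console; it is not called in this file.
function collectBlocks(doc) {
  const nodes = doc.querySelectorAll("p, li, td, label, small, span");
  return Array.from(nodes).map((el) => {
    const r = el.getBoundingClientRect();
    return {
      text: el.textContent,
      left: r.left + doc.defaultView.scrollX,
      width: r.width,
    };
  });
}

// Constructed model of the reported layout: 390px phone viewport, content
// wrapper at 300% (1170px), three 390px columns, fine print in the third.
const PHONE_VIEWPORT = 390;
const samplePaymentPage = [
  { text: "Card number", left: 16, width: 358 },
  { text: "", left: 390, width: 390 },
  { text: "your membership will renew at $39.99 and will recur monthly",
    left: 780, width: 390 },
];

const report = findSidewaysHiddenText(samplePaymentPage, PHONE_VIEWPORT);
console.log(report.hidden.length, report.billingTermsHidden);
```

On a real page, `findSidewaysHiddenText(collectBlocks(document), window.innerWidth)` gives the same report for whatever viewport the reviewer is emulating, which matters here because the comment says the text is invisible on mobile specifically.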

JasonBarnabe commented 1 year ago

I've gone ahead and blocked streaming-now.net in AdSense. You're right that they could just show up on another domain, or there could be others doing the same thing, but that's about the best I can do. If you see further ads like this, let me know.

Google's pretty sensitive about referring to the ads, so can't really put any warning about them.