I fell prey to this. Might have been the exact same website, too. Had had a drink with dinner, thought heck why not file for my EIN for an independent consulting LLC I was creating? Was using a fresh OS install where I hadn't yet installed Firefox with an adblocker. Usual defenses were weakened. Boom, $250 down the drain before I really thought it all through. Fortunately I was able to get it refunded by initiating a chargeback and telling their website support that I believed they were misrepresenting themselves as the IRS. It really was a "welcome to the real world" moment, though - my very first act as a new business in the US was to get scammed. This theme has continued. 90% of the business mail I get are scams masquerading as official government mail to get business licenses or whatever. These websites are run by scumbags who should all be arrested. And Google, of course, should pay actual penalties because it's been all upside for them.
People think I'm paranoid checking domains, certificates, and bank numbers but it's a small price to pay as you found out. You lost $250, some lose thousands.
This stuff needs to be regulated, companies like Google need to be held accountable for what they serve up to users. No more hiding behind this shield of "we're just a platform" when they damn well know they're the platform. It's all fun and games until your (grand)parents lose 20K to some scumbag scammers.
The problem is that it's hard to draw a clear line between legitimate consulting, and fraud.
If the government forms are byzantine and you go to a lawyer and pay them $250 to fill them for you, you aren't being scammed.
If you visit a web site that clearly tells you that it's a third party website, you can waste your time with the horrible government site, or you can pay 10 bucks and use their optimized form, you're not being scammed.
If the web site now shrinks their disclosure a bit, maybe moves it below the fold, jacks up the price... at some point 90% of the people would agree that they're "scamming" people, in the colloquial sense, but this lack of a clear line makes it hard to charge them criminally.
The way to handle this would be to
1. require clear disclosure for any kind of "online 'government bureaucracy help' service", with everything (font size, contrast, cannot be showing anything else at the same time to avoid drowning the disclosure out)
2. Make providing such "services" without the disclosure punishable by serious jail time, confiscation of any earnings, etc.
3. Actually enforce it, including through international arrest warrants, going after credit card providers when the scammers are abroad, etc.
4. Follow up to see if the problem went away and adjust the requirements until it does.
Omit any of these, and the problem will stay. And right now, none of these seems to happen.
How will you prosecute them? Not only most scammers are nameless, but most are from countries where government needs to fix lot of things before they are effective against scammers.
You prosecute the ad companies that are complicit and assist them in their endeavors. The scammer himself might be out of reach of US law enforcement, but Google which is promoting their scams (and getting paid for it) is definitely not.
That's easy. Those scams operate because the countries/players have access to the US financial system.
You provide the incentives to the countries to fix their problem by cutting them completely off. If someone using a bank in Cyprus did it, you tell Cyprus government that in 48 hours the Fed will block all transactions with that bank and you block it. They move to another bank, you repeat it. Eventually Cyprus government ( and Cyprus banks ) have to make a choice - continue to tolerate scammers using their banks and be locked out totally out of the US financial system or crack down on the scammers.
Follow the money and report the issue to the institutions along the line. If they refuse to shut down the scammers and to stop facilitating their crimes, shut the institutions down for being an accessory.
You don't even need to be this severe. The credit card system demonstrates how things can work: make the bank post collateral and pay a small transaction fee per transfer. Refund any fraud victims out of the fees and/or by issuing charge backs onward to the bank. If they facilitate a lot of fraud, raise their fees. If they refuse to pay the fees, seize the collateral and cut them off.
I find it funny in this case: If they operate from a bank in China then the Chinese gov. will block all tech exports to US until you unblock their bank.
Same with Robocallers... Also call them what they are. Call them terrorist and you block off the countries enabling these terrorist groups. Sanction them too
I still don't understand how robocallers are engaging in terrorism, or damaging critical infrastructure.
Don't get me wrong; I'd love to see them picking up trash on the side of the highway for next twenty years of their life, or worse. But calling everything "terrorism" really reminds me of the years following 2001.
Frankly, I think the "we're just a platform" excuse goes out the window when they directly make money from it. If you sell an ad, you need to proactively ensure that the ad isn't illegal. Full stop.
That's true, that's outside of the expected range. But confusion of authority is the same principle at this level or at a higher one it doesn't really matter. This particular context has a low expected value but the same principle in another context can cost very large amounts of money.
Recently a big dutch retailer got caught out by a small thing, a suppliers administrative email got hacked and the company as a result wired a couple of million to the wrong recipient.
The real problem in this case is that Google has a perverse incentive to allow these ads-as-serps. Personally I think Google should be named as a co-conspirator in fraud cases like these. That would get them to clear this up pronto.
Some "service" numbers in the Netherlands advertise in google by showing a real phone number (for a gov institution or a business) that links to their paid number. People wait for 10-30 min then are call-forwarded to the real number. They may make multiple calls like that until the phone bill arrives that lists on average "40 euro service numbers" but even then they might not see though the scam, even if you see though it is hard to not just repeat the mistake. I suspect they steal a measured amount of money and time per user as from what I hear its always 30-50 euro.
Did you read his comment? He didnt lose $250, he filed a chargeback dispute with the credit card. What he will lose is few points of his credit score due to the fact the charge was recognized (so not a fraud but intentional purchase).
Citation needed. As far as I know, chargebacks don't affect your credit score. Either you are in the wrong, and the chargeback is denied, or you are in the right, and the money is returned because it was wrongfully taken (scam, stolen CC, etc).
As long as they actually provide the service they're advertising, it doesn't sound quite as bad as an actual scam. Reselling something at a markup but with better advertising is common in commerce. Up to the customer to decide if the price is what they're willing to pay. It's only government services that have a kind of aura of "don't be a dick" around them, maybe because people feel they can trust them not to be profit driven.
It's definitely a scam. They do not "provide a service", they mislead you into thinking you are dealing with a government office and that you are paying an official fee.
This is not "better advertising", it's just a scam.
If they mislead you, sure it's dishonest. But if they're just better at being found, they have every right to charge for that. It happens all the time in the private sector. The world is full of resellers. It only feels like a scam because we imagine that it's not fair to pay for advertising. In my country, there used to be a little industry of businesses that would collect tax refunds for you and take a cut. You could just fill in the forms yourself, or you could stop at a kiosk and pay them do the tedious paperwork. Not saying that's OK when they pretend they actually are the government though.
If you don't want your post color to be washed-out, remember to post through news.ycombinator.fastposts.com. For the regular fastposts small fee, your post will be made to HN with the maximum visibility hacker news allows!
Another common one for new LLCs is threatening, official looking letters telling you you need a workplace safety poster or you will go to jail/pay monstrous fines.
The law is real but only applies in very specific circumstances and the letters come from companies graciously offering to sell you overpriced posters.
It freaked the hell out of my partner when we got that, had to explain to her at 3AM that we weren't going to lose our business over a poster. That kind of stuff really rattles your bones when you've got so much going on already with a new business.
What really stunned me was that in our state, the official website even has a statement letting you know about these fraudsters... but apparently they can't actually shut them down or stop them from mailing every new LLC? It's incredible how ill equipped we are to shut down scammers who have a nice downtown Chicago Loop address.
Oh yes I got that one! It really does work as a sort of DDOS attack against new businesses, you're trying to get all this stuff sorted out and the scammers know how easy it is to sneak in one more form to be filled out & fee paid.
It’s rough out there. Was helping a friend of a friend last night who had been scammed into giving out her Instagram password. They’ve change the email / phone / pw on the account. In her case the account is actually a substantial business (art) portfolio with a lot of followers.
Naturally, after a little digging, I discovered that her email was using the same pw and had also been compromised (hackers deleted the emails from Instagram about the email address change).
As ever, the main issue is that getting through to Instagram to get any real help seems impossible. Which sucks, because surely changing all the details on an Instagram account should flag something on their side.
You usually login in the West Coast, then, all of a sudden, you started login in the East Coast -- hey, GOOGLE, FACEBOOK, isn't that ODD?????????????????
I can't believe they act as they don't know what's going on and have no means to deter this. They SHOULD BE LIABLE!
I usually log in from one city in Germany, now I suddenly log in first from another city in Germany. It's the same user agent, but an empty cookie jar. Should the login be denied?
Now I log in from a city in the Netherlands, 20 minutes later. From a phone, again, empty cookie jar. Even with a helicopter there's no way to make it there that fast. Should the login be denied?
(The answer is "no, because I've traveled to another city to visit a conference, and the conference network was routed in a weird way and the GeoIP data for their exit IP was incorrect".)
People jump locations all the time, for reasons like remote desktop sessions, mobile roaming, personal and company VPNs, etc.
The key point here is that it's impossible to travel long distances in a short amount of time... Of course people travel. What's not normal is to log in in Miami and in the next minute log in Seattle....
VPNs are pretty mainstream these days. If you talk to anyone working on anti-abuse you'd find the answer to most "Why don't you just.." ideas is because it'd impact many orders of magnitude more legitimate users than victims.
If I leave my desktop logged into my account in LA—or it even has some form of autologin enabled and it reboots and auto-logs-in—but I log in from my phone in DC three seconds later, that doesn't mean I traveled from LA to DC in three seconds.
well... it might be normal, if you're on VPN and traveling and what not.
The key, imo, is 'normal'. A new account has no activity, but an account that has, say, 3 years of only ever logging in from IPs located in, say, Detroit area suddenly has logins from Europe and attempts to change email/pass/etc while activity is still coming from Detroit - that's an anomaly. But until there's historical data to compare against, you can't really know. And... unless you've got a lot of computing power to check for that all the time (or outsource that sort of stuff), you probably can't detect that.
Should be able to get that account back unless they stole her email as well. Typically the original email is able to recover the account and it doesn't matter that the hackers changed the email.
I had a similar experience but I knew to stop when they asked for payment.
I'm well aware that EINs are free, having had about half-a-dozen of them for various businesses.
I googled something like IRS EIN and clicked the link. I saw a page that looked exactly like the IRS EIN page as I remembered it. I filled out my information. When I clicked submit, I saw a payment page. It was only then I realized I had been duped and looked at the domain.
I have a hard time trying to understand why governments don’t address these scams more proactively.
There is a related issue when you register a new company here in Germany: As soon as the new entity is added to the company house (called “Handelsregister”), you will start to receive fake invoices from scam companies.
If you don’t pay close attention you can easily mistake these invoice for official ones.
This scam is quite well-known and has been going on for years. To further add to the insult - the companies that send these fake invoices are usually German entities as well, not some obscure shell companies in remote islands and yet besides warnings from the government it seems that little is happening.
I find it infuriating and don’t understand why it is even allowed to send another party that you never had any relation with an invoice for a service that you actually haven’t performed yet.
There's a similar scam in place in Poland, and its continued existence confuses me too. I don't remember getting any invoices after registering my company, but I got spammed with letters telling me to pay a fee to register my company on some listing, and some of those messages did their best to make it seem they're a continuation of the official process. The deception goes as far as these companies being named in a way that sounds government-ish, and their addresses being at the same street in Warsaw (the capital) some government buildings are.
The infuriating part is that it's so well-known, that both the physical government offices and the online forms where you can register your small business, are plastered with big, attention-grabbing reminders that the registration process is free. The government knows about this scam to the point of warning people about it, and yet it continues.
Well, the FTC is _trying_, at least. They took action against On Point Global (https://www.ftc.gov/enforcement/cases-proceedings/x130054/po...) which operated a big network of DMV-lookalike sites. If you tried to Google for renewing your drivers license, you'd get sent to one of these sites, which looked like it would help you renew your license but would actually just charge you approx. $15 to download a PDF guide on how to use the real government website.
There's a certain threshold of complaints, unfortunately. The FTC only has the resources to go after big fish. But, one thing I did learn from reading the FTC complaint is that credit card chargebacks do work, after a fashion; the company was getting repeatedly booted off of merchant accounts for accruing lots of chargebacks. I bet if people aggressively charged back the EIN scammers it'd end up hurting them too.
That invoice scam is why big companies have such complex expense report systems. They need to verify every transaction is real so they can match up real invoices to. I'm more or less trusted to buy $5000 worth of stuff at a time (number is somewhat random, but this covers most travel expense). However they still need to check because if they just pay all bills someone will send a bill in my name (easy to find out a name of someone who works for a company - my name would be chance, but likely enough) even though I didn't buy anything in the companies name.
Because the government doesn't have an economic incentive dealing with small fraud.
That's not what decides elections.
If there is too much crime that can be an extra excuse to raise more taxes.
I reported frauds to the police in two cases and they didn't do anything despite having all the evidence and location of the perpetrators (even after arresting one of them in one case).
A civil case didn't work as well because they owned nothing on paper.
The only way to get justice is to pay someone to break their knees or steal what they stole from you from them.
My theory is that since those crimes are non violent, there is a silent approval, as long as there is no massive public outrage and associated PR costs for a government.
The reasoning is that the cost to the society is lower than if you were going to process those people through legal system and then keep them in jail.
If these crimes were costing the society more than keeping perpetrators locked up then situation would have changed.
Another reason is that some people, by their nature, just cannot have a "normal" job and so they hustle. If you take away non-violent options, then there is a chance they'd turn to something violent to achieve their goals and that would be costly.
Why is this the job of the government and not Google for sending people to the wrong site? They have a massive responsibility in their role as the directory for the internet and they need to take it seriously.
I teach everyone in my family to never trust the first few sponsored results now matter how convincing they may be. As far as I’m concerned Google know exactly what they’re doing and are actively complicit in perpetuating online scams against one family and friends. Are we seriously supposed to believe a company of their size, with their talent pool, and their money, can’t filter out such blatantly obvious crap? Sure.
One of my older relatives searched google for the name of his bank, clicked the first link which was an ad for a phishing site, and 5 minutes later he was on the phone with some indian guy who was using remote desktop to install packages through some janky DOS interface. It was probably cleanable, but I just wound up formatting his hard drive and reinstalling with some really cranked-up adblockers. It was an hours-long hassle, and thank god he managed to change his banking passwords and put a fraud notice on his credit card, because he had handed all that info over.
I couldn't help thinking that that Ad was a lot like a locksmith accepting a few bucks to let some burglar into my house no questions asked, and then explaining to the cops that he's just as much a victim as I am.
> a locksmith accepting a few bucks to let some burglar into my house no questions asked, and then explaining to the cops that he's just as much a victim as I am.
So this is interesting because right now the search rankings are a steaming heap of crud because of what seems like daily algo changes.
It's gotten to the point where spam sites with out of date articles are now ranking number 1. Yet everyone else is being thrown around page 2+. Google is inevitably only concerned about Ad spend so this instability of rankings forces you into their ad spending machine.
Organic results in the last few months have been a cesspit and so by the looks of it we are now in a full stream of shit with Google. Ads are scams, organic results are not what they should be due to endless 'algo updates'.
What's the solution? I ponder this daily. Without Google and Facebook targeting, starting a successful, long lasting business just got hard again.
Lately I’ve been wondering if a niche search engine popular with hackers and not the general public could run circles around Google search results just because scammers and content farms wouldn’t be incentivized to game it like they are Google.
It frustrates me a lot. I don’t even know how to find useful information online anymore for everyday things like “how hot is too hot outside for a cat?” I invariably land on a garbage page with paragraph after paragraph of unintelligible keyword fluff. I keep thinking that one of the paragraphs will have a the content I’m looking for, but more and more I get to the end and realized I just scanned a whole page of referral links and content that was clearly farmed out to be written by someone who either doesn’t know English or GPT2 or something.
Google doesn't care. Just having one FTE proactively blacklisting scams would clean up most of the mess. It is way easier to clean high ranking scam/SEO sites then to make a new one.
> I don’t even know how to find useful information online anymore for everyday things like “how hot is too hot outside for a cat?”
Maybe this wasn't a real example, but searching exactly this (quotes not included) returned the answer in a knowledge box at the top of the page and the first several organic results had the answer very clearly in the text.
I almost never even register the knowledge box at the top because I don’t _just_ want the answer, I also want at least a little context and chance to vet the credibility of the answer. In this case it says appropriate internal temperatures for cats, but I’m looking for the kind of answer my vet would give me if I asked if it’s okay to leave my cat on the balcony during the summer. I don’t want to take her temperature. The majority of the links on page one repeat the 105 degree internal tidbit so I could easily filter them as irrelevant, but they are all couched in paragraphs of keyword fluff and narration “many cat owners like to let their cats play outdoors during the summer months but how sunny is too sunny for your furry feline companion blah blah blah”
The knowledge box can be 100% wrong, I reported a case where the shown answer was taken from a pop-quiz site - but it wasn't the actual answer, just the first possible (and diametrically wrong) of multiples choices for a user to click on.
Yea I'm very curious about this too. Oddly enough, it's not the first time I've heard someone on HN complain about a search query being hard for Google to answer, tried it, and found the answer in the first result (and the next half dozen).
Humans are lazy. It would be more effort, after constructing their argument, to actually sit down and test that the argument passes a basic sense test. So, they don't. And most of the people reading (and upvoting to signal "I agree") won't either. Why should they? They agree with it, there's no sense in fact checking things you agree with, right?
You can see this in the recent Google 2FA threads too, lots of people were quite sure Google is doing this to get their phone numbers. The facts don't line up with that, but who has time for facts? They know they're right, and so do the people upvoting. If you point out the facts a handful of confused people might agree, yeah, what you're saying does seem to match reality, but that's no match for the self-assurance of those who haven't checked at all.
Much of the time you can get a long way on just lots of people believing you, without any basis in reality. But Mother Nature couldn't care less what you believe, and it's tricky for people who think this way to sense where the line will be until they've stepped over it.
Better versions of the (apocryphal) story of King Cnut the Great can get this across. The courtiers pretend to believe their King's claim to command the sea, but the sea of course couldn't give a shit, it's just water, it obeys Mother Nature's laws (in this case Gravity via a fairly circuitous process causes Tides) but not the whims of men.
In this case, you’re the courtier of King Cnut. I just did the search and the first correct result is the sixth and the first five are incorrect, including the seemingly definitive answer at the top of the search.
Interesting to see someone else see this.. I've been noticing siilar for some of my sites, but also for other searches - recently 'liquid dog nutrition' eg.. so I too get the feeling that putting article based stuff front and center they are encouraging users to click ads - and for commercial sites to pay to play or get shut out.. it's terrible when you have a great site on page 3 of google results and see the crap they put ahead of you on page one - while shady sites pay to advertise there.
more and more like (a worse version) of the yellow pages every quarter.
Don't rely on training. Effective technical measures exist that block most of these social engineering attacks before they even reach the victims. They're called adblockers. Letting inexperienced people browse the Internet without one is reckless.
I don't think Google has an interest in keeping those ads. The reputational damage, and adblock installs it drives, must be more than the few clicks those ads make. Pissing off the user (or more likely, whoever helps the user clean up the aftermath) to the point that they install an ad blocker costs all future ad revenue from that person.
But until not just Google, but all the other ad networks, have cleaned up their act to the point where I can safely let my mother browse the Internet without an adblocker, I'm installing an adblocker on every machine I support.
So many bad things come from ads: Scams like this, tech support scams, ads tricking users into installing adware/malware, really attractive looking offers that sell you utter garbage (with promises that it's risk-free since you can return them, except shipping is on you and costs more than the product), resource usage on your computer, tracking/fingerprinting, disgusting imagery of various nasty diseases being shoved in your face ... there are very few benefits ads have to you, and they're vastly outweighed by the risks and costs, especially for users who don't know how to avoid being taken advantage of.
U.S. government and friends simply don't care. Sever phone lines from outside western countries where law applies - you've solved the majority of the problem. Same with disinformation campaigns from other countries. Sever their internet. We can never prosecute illigal acts conducted outside the west.
Yes, because four million Indian Americans, 2 million Americans born in Africa, 5 million Chinese Americans, etc. aren't going to mind at all if you sever contact to their friends and family.
Of course the whole point of a search engine is to try and surface useful websites and filter out the obvious crap. And the objective of an ad is to subvert that process. And even in ideal situations they give almost no information to the user about what they actually are clicking.
Calling the US a true democracy would have been a stretch at any point in it's history but in the age of lobbyists, two party entrenchment, and arbitrary term limits, it's more accurate to call the US a capitalist plutocracy. You get to vote somebody into office, though unless if it's an member of one of two parties, it's functionally meaningless.
Also, once that person gets voted into office, they immediately have to deal with both lobbyists and members of the deep state that are already in those lobbyists pockets. If you try and go against the will of the state or corporate America (not the people, mind you), the CIA and corporate media will relentlessly smear you and try to demolish your likelihood of re-election. You can also have members of the house of representatives with abysmal approval ratings actively impede legislation with overwhelming public support. Assuming you can somehow overcome these odds, you then have to contend with the fact that you have at most 8 years to achieve what you need to accomplish before likely having the next one in charge try their best to dismantle your accomplishments.
Note: some might find it odd that I consider term limits evidence of the superficial nature of US democracy. It's important to realise the motivation behind the introduction of term limits in the first place was following FDR's 3 re-elections, Republicans were worried that if they did not introduce term limits, they would never get a chance at getting elected again. This is because FDR's policies had overwhelming support of the people - democrats and republicans alike. Of course, what really happened was that future Democrat and Republican presidents lacked the backbone to resist kowtowing to lobbying and corruption but the damage has been done. Anybody seeking to remove term limits would be (and not without some justification) accused of trying to turn themselves a dictator.
My comment was not a critique of democracy, it was the contention that the US political system is not really democratic in a meaningful sense. If you're a fan of authoritarianism, you'd be happy to know that's where most of the world is heading atm.
Just so we're clear, there are no "sponsored results" on Google. There are results, and there are ads. It matters because if you lose the distinction you will lose the ability to remember what "sponsored results" were. On Yahoo! search, all of the results were paid. You paid more for a higher position. This dubious service was provided by Overture, and every search engine except Google was a customer of Overture's technology. The service that Google provides is specifically not paid results placement.
If you search for “employee identification number” the top of the page will be an ad which differs from the first search result (which requires 2 full screen vertical scrolls to reach on an iPhone 11) only for the presence of “ad” in 6px type instead of the favicon and replacing the tiny 3 dot menu with an i icon.
Now, I’m sure a Google PR person would insist that this tiny bit of text is a clear and unambiguous visual distinction but they’d be lying to you hoping that you are unfamiliar with eye-tracking research showing how little things like that matter, not to mention the way Google has trained users not to notice by using the smallest icon sizes and progressively removing as many visual indicators over the years as they think they can get away with.
The fact that people at Google feel the need to claim that this is a meaningful distinction tells you that it isn’t. Nobody at Google got defensive about this back when they didn’t offer advertisers a way to get the top result because it was completely obvious that ads were separate.
Absolutely. Google's making ads look like search results [1], but let's bring up an example from the early-to-mid 2000s [2] because that's extra relevant here when today's relevant search engines put ads confusingly at the top of your search results. The ad isn't a "sponsored result" but it's fair to say the results are sponsored (and confusingly so).
Regarding #1, did you ever notice how the "dark pattern" that article was about got reverted shortly after that, except not on DuckDuckGo which still contains that "dark pattern"?
I heard about it being reverted, but I have seen far too many people, myself included, click the links at the top thinking they're the first result when they're not. This article on ads offering gov services has some great examples in it.
Look at how they intentionally tried to differentiate the ad from the rest of the search results: large swaths of white space separate the top sponsored ads from the rest of the search results even in a time when monitors were smaller, with clearly different link and background colours, etc.
I wonder if anybody's built a browser plugin to provide Google search results pages that look like they used to back in 2001? ;-)
I believe it was the placement of the favicon in regular search results that was reverted because it appeared in the same place as the word "Ad" in the ad.
Hah, my tired brain didn't even clock that consistently wasn't there for the actual results. Which I guess also says something about it being a clear distinction...
(DDG seems to do it the other way around: results have favicons, ads have nothing in that spot. anyways, adblocker back on)
I just searched for "employee identification number" on my mobile. The first full screen was ads - identified only by the tiny letters "Ad" in the upper left. How is making your ads show up first and look almost indistinguishable from results anything other than sponsored results? Google may not call it that, but I think you'd need to be a current or former Google employee to not understand what it is.
Having used some kind of adblocking, on all devices, for as long as I can remember, I realize I live in an alternate universe where all these scams don't exist [0].
If at some point adblocking is defeated I'm up for a very difficult crash landing into reality.
[0]: almost; top results can be scams of course; but it's rare.
Yeah the internet is completely different without blockers. I install uBlock Origin on every browser I come across and I've gotten random comments from other users about how everything just seems better for some reason. Firefox supports uBlock Origin on mobile too, people love it when they try it out and find that there's no idiotic YouTube ads anymore.
Firefox should just ship uBlock Origin by default and make it the default experience. Brave browser is already doing that.
For YouTube on mobile, you can get ad-free experience with their premium tier[1] or YouTube Vanced[2]. Both come complete with background playback and overlay player.
Or on Android you can install NewPipe[0] which is an open source YouTube frond-end without ads too. You can install it from F-Droid[1] or Github releases[2].
YouTube Premium makes sense if you're a heavy user of YouTube, but at my level of use, it would make more sense to have a $1-per-video pay-as-you-go model. Or a $5/day pass that doesn't renew would be good too.
"Firefox" on iOS is just a WebKit reskin; Apple forbids 3rd-party browsers.
Mozilla does their best with Firefox Focus (which is also a "Safari Content Blocker"), but you cannot use normal Firefox extensions on iOS, including ad and script blockers.
I was extremely frustrated to buy an iPhone for privacy, only to find that there is no way to selectively block javascript! They only provide a coarse toggle with Safari.
I had quite a rude awakening when I switched to an iPhone recently. I had to adopt NextDNS for its domain-level ad blocking, but it’s amazing how many ads still come through. I don’t know how people browse the web without any sort of ad blocking these days.
I've been thinking of screen recording some web browsing on my desktop and phone without an ad blocker just to record for posterity how truly awful the modem web is without an ad blocker.
I can't even read most news websites these days because the ads are so utterly distracting and awful.
I've pretty much stopped browsing the web on my iPhone at all. The mobile web is broken. With all the banner ads and videos popping up, My 6 inch long phone is reduced to about 1 inch of readable text. It's like the 2000s again with the adspam, or maybe its always been like this and I've just been using an ad blocker this entire time.
Ehh, I'm a pretty die-hard iOS person but ad blocking on iOS is a steaming pile of BS, to put it mildly. They flat-out don't work for 99% of ads. They're not ad blockers, they're domain filters, nothing more than a big hosts file, and they block absolutely nothing at the page/element level. The ad industry runs circles around 'ad blockers' on iOS.
The lack of functioning ad blocking is by far the biggest downside to iOS, and the same reason that I pity the engineers who put all that work on desktop Safari only to have it rendered worthless by their lack of ad blocking.
> They're not ad blockers, they're domain filters, nothing more than a big hosts file, and they block absolutely nothing at the page/element level.
I don't think this is true. I use 1Blocker and it seems to have tons of element-based rules. You can also create your own element-based rules easily with the Safari share extension. You tap the element you want to remove, tap buttons to go up or down the DOM to make sure you hit the right level, and then add it to your blocklist.
Simply not true. I have been using Firefox Focus and 1Blocker on iOS for years and ads are not significantly more noticeable than on desktop Firefox with uBlock Origin. I think you quite misinformed on this subject.
It depends on your level of blocking. I use 1Blocker and uBlock Origin, and find maximum blocking with 1Blocker to be roughly equivalent in blocking to the default "Easy mode" in uBlock Origin. "Medium mode" (combined with a few additional lists, e.g. cookie nag lists) in uBlock Origin blocks dramatically more crud.
Yeah, I use 1blocker too, it's fairly good but annoying they only give you monthly rule updates (unless a major site breaks) unless you pay a subscription. Even when I bought the 'Pro' version, and then they changed to a subscription model...
Still, it works pretty well. But how I wish it was possible to have uBlock Origin running in mobile Safari (and desktop Safari for that matter)...
They do have a one-time payment option of about $40.
But in my experience, it simply does not work compared to other platforms. I still see a lot of ads even with their strictest settings, and it also seems to break a lot of sites without having any toggle switches in the browser UI.
It's gotten to the point where I put the iPhone down and pick up another device if I need to access a website. After a few months, I'd like to just resell the phone. But on the social side of things, having a number with blue chat bubbles is a depressingly effective status symbol, and Apple is better about in-app tracking.
It's getting hard to ignore how harmful the duopoly in phone operating systems is to consumers. Carrying two phones around is not a tenable solution.
Idk what you’re talking about or what sites you’re going to, I’ve never seen ads using the default 1blocker settings.
I use DNSCloak to block ads in other apps. It’s obv not as good as an element blocker but it’s great for when I need to use chrome or some random store app that inserts ads.
Sounds like they need to work on their UX then because if people here aren't getting it working then it seems likely that most of their users aren't able to. Is it a default installed plugin in Safari?
I think the only way anyone would not find it would be assuming it doesn't exist. If you search on the web, App Store, iPhone search box, etc. you'll find it right away.
And the answer is, it's not installed by default, but there are a variety of third-party plugins available in the App Store.
I spent days trying to set up effective ad blocking on iOS.
There is a firehouse of options in the app store, but you need to sift through conflicting reports about which ones are "still good" - the prevailing recommendations seemed to change every 6 months or so when I researched which ones to try.
When you do find some that seem worthwhile, the paid tiers are often expensive, and they will not work as well as the free browser extensions on every other platform.
And there is no replacement for NoScript at any price.
I tried a few of the top "content blockers" from the App Store and none of them worked very well (at least the free versions), so I gave up and assumed it just wasn't feasible. I can't imagine I'm the only one with the same experience. I'll revisit this based on your comment and others in this thread.
The one that got me was USPS mail forwarding. I am very privy to these things but I must have just misread the URL.
1. Googled “mail forwarding”
2. Must have clicked one of the ads like: https://www.unitedaddressupdate.com
3. Quickly used the autocomplete to fill out all the forms including my credit card information
The brilliant part of this scam is that mail forwarding for a year in the US costs $0.99 so the expectation is you have to pay the USPS so nothing seemed odd… the websites even look almost identical. The show was over when I received a notification from my Chase that they charged $70 instead.
Chase appears to have caught on before Google though because the charge didn’t go through
I was so confused the wehn I went to fill out a change of address form when moving recently. Not only do I have to pay USPS, but they sell my new address and I can't opt out? I don't get any mail that's important enough to put up with that nonsense. Surely it's in the USPS's best interest to encourage people to complete a change of address and yet they seem to do exactly the opposite. Hope whoever moved into my old apartment doesn't mind getting junk mail from whatever airline frequent flier programs I forgot to update.
> Surely it's in the USPS's best interest to encourage people to complete a change of address and yet they seem to do exactly the opposite.
For some reason, some people in our government believe that the USPS must be run as a business instead of as a service to citizens. This is one of the manifestations of that belief. Selling your personal information so you get flooded with advertisements is one of the most business-like moves I can think of.
I saw the same thing recently with renewing TSA PreChek. The top result is not the government website, but some shady middleman which seems to charge 3x to do the same thing (while also siphoning your personal information incl. passport number).
It was a bit jarring, I got very far in the process before realizing something was off. Made me realize how much trust I was implicitly putting into my search engine.
And at the same time that Google supposedly can’t catch these guys, they randomly suspend my ads account without even an explanation. And of course no recourse or way of getting in touch with a human.
Maybe you're not spending enough money. I'm sure Google's AI suspension bot doesn't go around suspending their top spenders (account wise), even if it has high confidence there's a breach.
You are spot on. In fact my account had been inactive for almost a year when I got the suspension notice.
Also, while active, I stopped accepting any of their automatic “improvement” suggestions, as they inevitably lead to increase spending, but almost never to better conversion.
If I ever need to advertise with Google again, I’ll probably need to go through an agency and pay quite a bit extra.
lol I doubt this very much. Facebook randomly banned someone recently who had spent 72 million dollars (?) over a continuous period of 11 years. Google is better but not that much better.
I've spent millions on ads with G and Fb and have never even had a real rep.
She googled something like 'mail new social security card' - clicked the first result and started entering information.
About 4 screens in she asked me to look at it - and we could both tell that it was likely not an official gov site at that point.
was first result in google so she trusted it - it looked similar enough to a gov site to go with the easy onboarding flow.. a few details like name and addy - then submit - next screen a few more bits of info.. submit next screen - real gold like maiden name, name of dog, - they already captured the social on the first screen..
some months later the irs is telling her she needs a pin code and that her identity appears to be hacked or whatever.. no surprise.
I long for the day when the faint piss-yellow box surrounded paid listings.. the engineers that came up with that perfect yellow that may show on a good desktop monitor / and in a presentation to the ftc/cpb/congress - whatever.. yet faded out on a laptop screen - and when the sun hits.. and yet as great as that was at being essentially invisible to most users - they still did away it - lets assume because it caused more clicks.. a/b testing and all the s valley bs.
I had forgotten about that incident until I saw this headline - might be time enough to still ad a note about this on a reply to a different HN article a week ago - where someone said "I've never seen any evidence of anyone hurt by the large scale collection of personal data by Google and FB." -
( https://news.ycombinator.com/item?id=27064382 )
This is indeed another good example of damage done by the ad selling overlords.
Now remembering stopping people from clicking the 'first result' for "flash player" - on so many devices, so many times - that ad was a two click malware install - of course it was a paid ad - sigh - people just don't know and google's been exploiting that for a long time.
> Muldoon didn’t respond to a question about why the ads were able to violate Google’s policy.
I thought it was obvious by now that Google is a money train, and no one is watching the tracks. Their main distinctions as a Fortune 500 company are avoiding human contact and abandoning projects.
Maybe Muldoon just has a policy against returning the calls of a full-time anti-Google mouthpiece that is literally funded by DuckDuckGo. It really bugs me how HN acts so skeptically about most topics but falls hook, line, and sinker for every astroturf campaign that comes along.
I too lament HN's complete loss of even the pretense of objectivity when it comes to anything Facebook or Google, but in this case, as long as the accusations are factual, I think there's value in the competition attempting to keep them honest.
And its also not that simple to weed out bad actors when normally the government sites that should rank are probably hopeless and the senior civil servants in charge knowledge of the web is “in need of some improvement”
Google and Bing could turn up the YMYL (“your money or your life” ) knob but they would also need to employ higher paid local people to vet these sorts of ads.
Stricter KYC (Know Your Customer) could be required to run online adverts is another solution.
Pre covid I got pitched a grade 7/6 (v senior O-6 /GS15 ) job for the DWP to sort out the technical seo side. Looking at these scam sites in search would have been a priority had that gone anywhere – maybe set up some meetings with Matt Cutts and discuss a joint us / uk approach.
I've tried pitching similar roles in Government on the DoD side of the house for knowledge workers like Software Dev and Data Scientists.
It's hard to get traction though when the folks making the decisions feel threatened that a 25 year old is going to be making the same as them and be the same "rank".
I think part of the solution needs to be creating it on a separate scale than GS, similar to an SL or ST position, but geared specifically towards knowledge workers. That's a solution that would probably require congressional involvement though...
Probably not going to work for 25 year old junior developers at the more senior levels you need to be aware of the political side.
But its is a problem your not going to attract many B+ candidates if your so far behind industry.
About 3 years ago one uk org (I wont say which one) tried pitching people on linked in I got the pitch and so did a mate who's ex military he laughed and said "not on those poverty wages"
What's ironically is that the ads were paid with scam money, so it's like Google is in fact, part of the 'gang'...
Crazy world!
Most part of scams register names that looks like something legit, but, of course, no one seems to care who's buying what they're buying when registering domain names.
That implies that Google has a right to money it makes from scams. Next up: Driver of getaway car gets to keep his share from robbery, will donate $10 to security guards widow.
So how much do you pay for your ability to click on phishing links? Is it $0? Guess Google doesn't have to refund you anything and gets to keep all that money the scammers paid it!
Shouldn't companies actively aiding fraud to the the tune of, I expect, $Billions have their executives go to jail and the company garnished of at least some percentage points of global revenue?
Taking money to put fraudulent ads above legitimate results seems like it's not doing the minimum due diligence to skirt around a willful negligence accusation.
These kinds of articles always boil down to how Google are not doing their job properly anymore, be it by presenting results that do not include scams, content farms and the like, or by systematically pushing ads (including dubious ones) over organic results, all in the interest of their ad business.
I'm probably not technical enough, but I'm always left wondering how no one created a 'bettergoogle.com' that makes a query to google from the client side and applies an array of filters to google's output, starting by removing the ads and the results from any known bad actors. Could also be a browser extension but that makes it difficult on mobile.
Absolutely. I consider unsolicited ads a form of violence and laugh at anybody who even tries to shame me into watching any of them. As for the accusation of effectively stealing content via refusing to allow for their (shitty) form of monetisation, unless in the rare case that a company is a workers cooperative, I don't want to hear any bullshit about robbery when you are purposely extracting surplus value out of your workers without democratic agency or fair compensation.
If you consider the cognitive load of people as the limited resource, ad displayers showing ads in their own self-interest are acting against the common good.
This does not seem be a problem in the UK, searches topics that might be prone to this all seem to give the correct .gov.uk site as the first result with no ads that could be described as misleading. I wonder if the UK government, advertising standards agencies and trading standards authorities have put more pressure on google? Or perhaps the legal landscape here makes it untenable to operate such a scam business.
My first attempt, “tv license”, brings back a form-filling service above the real one too.
I think Google has really increased the number of in-search ads recently. It used to be that they were obvious and at the top/side, now they look like regular results and often fill up the whole first page. IMO they know they are dominant enough in the market now that they can get away with providing garbage results for some short term profit, and will just dial it back if viable competitors come along to stop anyone else entering the market.
I tried driving licence (at least the ones who popped up for me made it very clear they aren't government affiliated) and national insurance number. The national insurance one was pretty much an outright scam.
It took me to https://nino.org.uk/ which claims "All employers and universities in the UK will require you to have this number so apply for your NI Number NOW." That is a total lie - if you don't work during your time as a student you don't need the number at all. You can work without a national insurance number, you just will may pay a higher tax rate until you get your national insurance number when you'll get a refund. It only says all the way at the bottom that they are not affiliated with the government.
> and will just dial it back if viable competitors come along
Sure, once those find a way around Googles licensing crime against free and open markets built on top of Android and Google Play. Don't have to compete as default search engine provider if hardware providers are prohibited from changing the default.
I was going to say there used to be (home office applications come to mind), but searching for something like ‘SORN’ still returns 5 scammy ads above the real page you need (but the more common V5C doesn’t. I do think gov.uk has improved this compared to the past.
I also noticed the uk govt is running google ads for some keywords themselves.
Probably not as lucrative as targeting Americans. I’ve noticed a nice side affect of living in Taiwan to be that there is generally less trash to sift through when looking for this kind of stuff. Spammers just don’t target us as much.
I just shared with another commenter that this caught my Mum recently[0], but a quick search for the same terms "change driving license address" doesn't show anything now.
I did report it at the time (and suggest other family members to do the same) but from a numerous list of sponsored results to now see none is a surprise!
I think it's user dependent, I turned off AdBlock and got this https://i.imgur.com/hyWlOpJ.png . Only one visible result at 100% zoom on a 1920x1080 display.
This is a really good argument not to "allow unobtrusive ads" in your adblocker. This is an example of an ad that would be allowed. Just FYI this is the default behavior of some adblockers, notably Adblock Plus.
The other reason not to allow it (and to replace Adblock Plus with e.g. uBlock Origin) is that Adblock Plus decided they like money more than actually limiting themselves to unobtrusive ads, and were allowing the disgusting Taboola/Outbrain/Clickbrain clickbait (not sure which of the three it was, all the same garbage) to be shown.
The best part was that some websites had two versions, one more aggressive one, and a slightly toned down one. If you didn't have an adblocker, you got the first one. If you did, you got the second one, because apparently the ABP people did draw the line somewhere.
This is what you get when search engines and advertising companies are one and the same. The only reason this happens is because the search unit has prioritized ads and google ad revenue generating results.
I've actually moderated a bit over time. One of my favourite approaches is a regulatory approach that mandates that if you offer a free, ad-supported service, you must offer the service ad-free for a price, which is to be limited in proportion to what an ad-supported user is worth.
Google, Mozilla, et alia have trained people to not enter "www.whitehouse.gov" into the combined search/url bar, but simply "white house", and then to click on one of the links that shows up in search results, because this behavior increases clicks on their ads. It's shameful. Businesses used to list the URL for their company website. Now it's "find us on facebag!"
To be fair, I'm more likely to get the official site in the presence of a typo via a search engine. In the case of .gov it doesn't matter as much since it's a tiny bit difficult to spoof them, but typo squatters are a problem for the rest of the web.
This is one of the reasons I have such a low opinion of Google and people who work on adtech. Google has served me adverts for misinformation, scams, malware, exploitative mobile games, gambling, religious crap, porn and incest porn games. Google and Youtube ads are absolute garbage and so is Google for serving them.
Pet idea. All ads must lead to landing pages which lists name and address of ad broker, buyer, what the product is supposed to do and option to flag. Lots of people can't tell whats ad and whats content. Won't happen voluntarily, when Youtube ads directly leads to Play Store.
One thing I noticed switching to a custom DNS server on my phone is that search ads are a little hard to identify on mobile nowadays, and I find myself accidentally clicking them up to a few times per week (the mistake is immediately apparent because the site won't load).
Vietnam government is also impersonated in organic results.
Google "Vietnam visa government website", and you will see a result from "govt.vn" as the too result. That is not the official web site, but neither Vietnamese NIC nor google didn't find a problem with it.
I hate that there is no easy way to block or report a bad ad on google… don’t like that 30 minute ad in a 5 minutes video? too bad… don’t like that adult content ad on the middle of your daughter video? too bad.. not that you can use a different platform anyway
Some of this has to be tied to the evolution of ads in SERPs. They've gone from being on the right rail in a different format and different colors to being in the results, with with a perpetually lightning yellow background so you know it's sponsored. Currently, I the only meaningful difference is it says "Ad."
I used to work for a comparison shopping engine. The traffic was a mix of paid and organic search. We thought about using paid traffic to test page titles and descriptions for organic pages because it's not like users could tell the difference.
In the traditional ad business, each ad would have been reviewed at least once. No reason Google shouldn't be held responsible and to the same standard.
Where does H&R Block and other tax prep services fall into this? Arent they (more or less) simply collecting a fee for handling otherwise "free" processes provided by the state and federal governments?
Not suggesting these nefarious actors, who rely on ignorance of the consumer, arent a problem
They don’t mislead customers saying that they are the IRS. I view my CPA as a domain expert anyway so while I could do my own taxes and have done so in the past.. but I agree the IRS already basically knows everything.
I am absolutely unable to understand how a ban isn’t being followed. I have been under the impression that when legislators make something illegal it instantly goes away. Now my entire worldview is being challenged.
Clearly these should be banned because they violate Google's policy, so I don't argue that.
But on a more general level, I don't really have a problem with companies offering to fill out government forms for me in exchange for my money.
For instance last year I fought a traffic ticket by myself. It's not hard, but you do have to fill out like 3 different forms and mail them in. Totally free besides the stamps.
There are many many "ticket fighting" companies which charge you $100 to get you out of a ticket. They act like they're lawyers but really they just fill these forms out for you. If I had to do it again, I'd pay the $100 for the convenience.
How do we decide who is a scam and who is improving the experience of interacting with the government? How much friction do you have to remove before it's OK to charge?
Clearly the mail forwarding ones are a scam (it's super easy through USPS) and, in my opinion, the ticket fighting ones are not a scam. So the line is somewhere in between those two poles.
I think companies who are legitimately about making the process easier can avoid can make that clear in their naming and marketing - "Foobar traffic appeals service - We make fighting tickets easier, 80% success rate" is hard to mistake for the government, while "Traffic Appeals Service, file your traffic appeal here" is a lot harder to notice that you're using a third party
I noticed that this is happening in the UK the other day. There are firms of lawyers (are they?) creating clones of the free Citizen's Advice service and marketing it via Google Ads. Slimy stuff.
Yeah, the one that caught my Mum recently was a "form filling service" for changing your driving license address. It sucks as it scams money out of people that probably don't have that much in the first place.
Shortly after this she started getting additional scam calls/texts too, although this could be entirely unrelated...
I was looking at health insurance in WA state, and the sites that imitate the official government site do a pretty good job at everything except having decent, non-scammy insurance offerings.
I reported the same scammer ad at least five time over a period of a month on DuckDuckGo. The ad was impersonating a major Danish news site.
This issue isn’t restricted to Google. The only main difference is that Google run their own ad network. In both cases it show how little verification is going on with online ads. If anything I believe the ad networks should be held resonsible for the ads they push to the end user.
duckduckgo's ads are not exactly a beacon of quality either, so I wouldn't trust them necessarily to not let something like this through. Install adblockers for everyone you know.
Just realised I probably haven't seen DuckDuckGo's ads due to my adblocker. The downvotes for my original comment seems justified from what I read. Thanks for enlightening me.
Is DuckDuckGo better at this or just a smaller target people ignore? A couple quick searches didn’t turn up anything, but sure seems like they’re vulnerable to the same attack vector.
I know there's a small section of people who will defend big tech under any and all circumstances but really?
"I'm unsure if the competition have solved this problem that I tried and verified they don't have." Just seems like a pretty terrible defense of a big tech company that definitely hasn't solved that problem that they absolutely do have and know it will defraud people.
Remember the old days when google had their ads clearly and obviously marked, off to the side of your search results so as to minimize the potential for confusing ads with results? Yeah they decided there was more money in shaking down people to claim top spot when people specifically search for them. You search for coke, the top result is pepsi if they pay google. Pay google so people get what they search for. Make it more likely to click on the paid ad than the search result for the exact same thing. People getting ripped off is collateral damage, not worth sacrificing shakedown proceeds to avoid actively helping fraud. It stinks to high heaven and Google employees know this.
"We haven't fixed their grift. That fixing it might impact ours is totally unrelated." --Google
DuckDuckGo has this problem as well. I’m not sure what switching to a smaller company that does the same thing - albeit in a more privacy conscious way - helps. It’s not a Google problem, it’s a search industry problem.
I just put "renew driving licence" into DuckDuckGo from the UK and there are two ads before the official Government website. [0]
There's also a hilarious eBay ad on the side offering driving licence renewals!
The first [1] does say several times that it's not the official site, but they are charging a £57.60 fee for submitting something that can be done on the Government's website for free.
The second [2] is also quite clear that it's unofficial, but the price isn't visible, as trying to use the call to action button results in an error message.
Putting in "renew driving licence official" results in similar ads being shown first.
While it seems these sites aren't doing anything illegal, both they and the search engines are profiting from people that don't know better.
I get "Get An IRS EIN Number Here - Online IRS EIN Application ein-gov-online.com" and "Employer ID Number App - Edit, Sign, Print, Fill Online irs-form-ss-4.com".
