Wow, this is a remarkably simple ploy from the scammers. Combining Google's own ad account policies to serve a Display URL of ads.google.com, and a Google hosted microsite on sites.google.com to get past the automated ad approvals and pose as Google in their own ad results.<p>Should be a fairly simple fix for Google to blacklist sites.google.com from their ad tools, though perhaps they want to let people spin up ads on microsites like that as a boostrapped way of running ads without their own site?<p>To be fair they probably should blacklist any mention of Google in an ad and use a Brand registry to manually verify anyone who wants to use their trademark in ad URLs or copy.
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads<p>You knew Google Search had issues? Meet Google Ads' evil twin :D