Google shows fake government sites that redirect to betting houses (Android)

[email protected]

Google Search Results Promote Fake Government Websites Redirecting to Betting Platforms: An Emerging Security Concern

In recent weeks, users have reported a troubling trend: Google Search results are presenting links purportedly from official government or educational institutions, such as .gov.br or .edu.br domains, that are unrelated to the search query. More alarmingly, these links, when clicked, automatically redirect users to online betting platforms without any intermediate warning or page.

The Phenomenon: Fake Authority Sites Leading to Malicious Redirects

For example, a user searching for “Campeonato Brasileiro Série B 2003” observed that one of the top results was from the official website of the Instituto Federal de Passo Fundo (ifsul.edu.br). However, clicking on this link did not lead to the genuine site. Instead, it instantly redirected to a betting platform—entirely bypassing the legitimate content.

This pattern appears to be consistent across different searches involving official or educational domains, which are often used for credible and trustworthy communication. The redirection happens seamlessly—without any warning or intermediate page—and seems to be a result of malicious web scripting or SEO manipulation.

Investigations and Troubleshooting Steps Taken

Several steps have been undertaken to diagnose this issue:

  • DNS Settings: Static DNS configurations on the Wi-Fi network were tested, with no change in behavior.

  • Browser Modes: Incognito mode in Chrome did not mitigate the issue.

  • VPN Usage: Using various VPN services did not alter the results.

  • Security Software: Antivirus scans (e.g., Dr.Web) found no threats.

  • System Settings: Checks on host file modifications, permissions, WebView settings, and Chrome configurations yielded no anomalies.

  • Cross-Platform Testing: Notably, searching via DuckDuckGo bypassed these problematic results; however, pasting the direct suspicious links into DuckDuckGo also led to the same redirects—indicating that the redirection is embedded within the URLs themselves, not platform-dependent.

The Core of the Issue: Search-Generated URLs and Injected Content

A particularly puzzling aspect is that, despite the link pointing to the official domain, clicking it redirects immediately to the betting sites. Furthermore, the URLs appear to incorporate the exact search terms, even highly specific ones, suggesting a script that reads the search query and dynamically injects or modifies link destinations.

Interestingly, accessing these domains directly—by typing their

Share this content:

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *