Google Adwords - a messy situation

It seems that, following an investigation last week by Exploit Prevention Labs, the reputation of Google's Adwords system has taken a battering.

As I've reported on here before, Adwords is a low-cost way of individuals and small businesses promoting their products and services via the Google search engine.

In return for a few pence per click, anyone can get their Web site right up there in the Web search results with a sponsored URL route.

And the anyone is the root cause of the problem, as IT security software vendor Exploit claims to have uncovered hard evidence that malware distributors are using adverts placed via Google's automated AdWords system to infect unsuspecting end-users with virus code.

According to Roger Thompson, Exploit's CTO, the malware brokers used fraudulent advertisements for legitimate organisations such as the Better Business Bureau to trick users into clicking on the links.

Exploit says it only discovered the malware URLs after one of its customers noticed suspicious activity using the software maker's secure Web surfing application.

After a weekend of apparent inactivity, Google claims to have solved the problem by terminating the Adwords accounts of the hackers in question, as well as installing extra systems to sniff out Adword routes to malware and other infected Web pages.

Having said this, the root cause of the problem is Adwords' business model, so it's difficult to see how Google can make its Adwords service totally watertight against these sorts of scams.

Which is something of a Catch 22 situation for the Web search giant. Given their incredible revenue stream, though, I don't feel sorry for them...