Someone created a dodgy Google ad to advertise my own website online

Google Ads

Wow! What are you saying? Someone created a dodgy Google ad so that my website can be seen by more people and so that I get more business? Yep!

This has come to my attention as I heard about it on one of the SEO groups I follow on Facebook. Someone reported seeing the same thing with his own website. But then it happened to one of our websites!

Look at the screenshot below, it’s a Google Search for “cambridge photographers” in an incognito Chrome browser. The “cambridgephotographers.co.uk” website has got a prominent place for this search. Top of the maps, and top of page one in the organic search results, and it has been like that for a while. Now look at the bottom of the page, and you will notice the same website shown as a PPC Ad this time, but with a strange and not very well written copy. Worse of all, we never posted this ad ourselves. So someone else is paying for this ad to be shown on Google Search, but for which purpose?

Google Search

Check the Ad: “Professional Photographer – Cambridge Photographer” confusing title, as the site is about “Cambridge Photographers” and the title refers to a lone “photographer”, but worse, the text below the title looks like it has been written by a robot at best, especially the second part “Cambridge is Home to Professional Photographers with High-Quality Equipment”! What a load of rubbish! Not in keeping with the company brand or message. And confusing for its customers. Also, badly written ads, aiming at influencing the Ad Rank are one of the known factors to take websites off the top spot if they are top of the first page of Google.

If I click on the Ad, it goes straight to our own website. But now, note the phone number (0333 numbers are not premium numbers and cost the same as a landline to call), you would have thought that the person in charge of this campaign would have put their phone numbers there to reap the rewards of their own advertising… But no, ringing that number from our landline, calls our mobile phone. So the person who is doing this is paying money every time someone clicks their ad and calls the number. The mystery thickens.

Google Ads support

So the next port of call would be Google Ads support, even though they are very busy and understaffed in Covid times, they are still pretty good at responding. Do not bother calling them, I tried, and was bounced around a few times. Email them instead: ads-support@google.com

So I emailed Google Ads support and explained the issue. The first reply I got back was the following:
“Please know that to investigate this ad, I would request you to provide us the clickstring of an ad so that we can investigate that from which account is this ad serving.”

Basically to get the clickstring (the URL that takes the user to the website) of an ad, CTRL+click on the link of the dodgy Ad (on a Mac) and choose “Copy Link Address”, and I got this link: “https://www.google.com/aclk?sa=l&ai=DChcSEwjTpN7A_LLxAhWW4ncKHepAAKkYABAAGgJlZg&ae=2&sig=AOD64_3MHnePdxBQrUSC2CxzX1v4d2Q3bA&q&adurl&ved=2ahUKEwiBl9bA_LLxAhUShVwKHYL1BJUQ0Qx6BAgCEAE” and sent it to Google Ads support. They also asked me for an email address with which I could have had access to the campaign account, in case it was my own (forgotten ad account), but then they could not pair that email address with the dodgy account.

Once they had the clickstring, Google Ads support identified the dodgy account: “Please know that post investigating with our internal resources, we can see that the ad is appearing from the Google Ads account 3959587XXX.” But they could not give me access to this account straight away for obvious privacy reasons.  They also cannot stop the ads from being shown.

I indicated to them that I thought that a person was only able to create Google ads for the domain name in their GMB profile. But it seems “Google Ads can be created by GMB profile or by using a website as the final URL”.

They also indicated: “I’ve contacted the existing admins on the Google Ads account you are requesting access to 3959587XXX and have asked them for permission to add your email address to this Google Ads account. If we do not hear back from them within 2 business days, you can follow the steps below to get access to your Google Ads account. ”

Steps to prove I am the owner of my own website

So I was asked to do the following by Google Ads support:

“In order for us to grant your email address access to Google Ads account 3959587XXX, you will need to prove your affiliation with your company domain. This can be done in 2 different ways: (1) by requesting account access for an email domain that matches your company domain or (2) by proving ownership of your company domain:

  1. By requesting account access for an email domain that matches your company domain (e.g. @companyname.com). If your email address domain matches your company domain, please follow the steps below:
    1. Respond back to this email from the email address that matches your company domain with the following text: “Please add my email address XXX@gmail.com to the following Google Ads account 3959587XXX with Admin access.”
  2. By proving ownership of your company domain. Please follow the steps below to prove ownership of your company domain:
    1. Create a .txt file and save it as: Google-Ads.txt
    2. Include the following string of text in this text file:  “GooGhywoiu9839t543j0s7543uw1. Please add XXX@gmail.com to Google Ads account 3959587XXX with Admin access – Date 25/06/2021.”
    3. Upload this text file to the root of each of the domains from which you’re requesting access. You’ll append “Google-Ads.txt” to the end of your URL. For example, if your site URL is http://www.example.com, the uploaded file will look like this: http://www.example.com/Google-Ads.txt

I did both to make sure all was good. So we are now Friday (25th June @ midday), I will hopefully get an answer from the owner of the dodgy account to be added as Administrator by Sunday lunchtime, in 2 days’ time, and will let you know how it goes. By any means, if I get access to it, I will take screenshots of my discovery of that dodgy ad. Bear with me.

Gaining access to the dodgy Google ad account

Finally, 10 days after providing the info necessary to Google Ads support to access the dodgy ad account, they sent me an email (July 6) to say that my email address had been added as an administrator of that account! At that point, the excitement to find out who had created this campaign was an understatement.

Once I clicked the link from Google Ads support and clicked Continue (after being warned that the owner would be notified of my arrival on their account – I pondered doing it in the middle of the night to avoid being chucked out immediately), I was added as an administrator, so I went straight to Tools & Settings > Billing & Payments > Settings to find the name and address of the culprit:

So I immediately noticed there was an error in the postcode, as Cambridge postcodes are CB1, CB2, etc, and not CB1C. Also, Milton Road is in the CB4 area. So a totally bogus address and a possibly bogus name, as a Google search did not return anything concrete.

I then went to Tools & Settings > Billing & Payments to find how much was spent on advertising.

£93.14 was “spent” showing the ad, but the “scammer” was not billed as when Google went to charge for the ad, the transaction was declined. So it seems they had no issue adding the card (that must have been working at the time) to the account with a bogus name and address, advertising a website that was not theirs…

Clicking View Transactions in the Transactions section takes you to the following screen:

Note the added fees for “Turkey Regulatory Operating Cost” (same for Spain). Googling that sentence brings this explanation “As of 1 November 2020, a 5% Turkey regulatory operating costs will be added to your next invoice or statement for ads served in Turkey. The regulatory operating costs are being added due to significant increases in complexity and cost of complying with regulations in Turkey.” as if the ads were somehow served in Turkey and Spain. Also, note the “credit card expired” mention at the bottom, when the card expiry date was August 2021 in the previous screen.

So to sum up, someone other than us created a badly written Google ad for one of our own websites, the ad was clicked 284 times and shown 29,200 times, the number called 33 times (but we received them all)! They did not pay for it as the transaction bounced. So what was the end game?

Something else revealed something interesting. I created a report of the “Searched term” that every user that clicked on the dodgy ad had searched for beforehand, and it showed a variety of searches, some borderline crazy: “lode ki photo”, “lode photo”, “rtrtrtrt photos”…

It also explained some weird calls I received around that time from people having found the dodgy ad after searching for something totally different, but I had, at three phone calls, asking for “Old Street photography”, and “Kittle photographic”, from genuine people who had either an appointment or ongoing orders with those businesses, and could not remember the details, google for those companies and were served the dodgy ad.

Conclusion

The only plausible explanation is that it could be a campaign to get my site off the top of Google’s page one in the organic results, by advertising for the website and not paying the bill, Google could then decide to remove my site from the search results until the bill is paid, or forever! 

I booked a wedding because of this ad and got a few nuisance calls out of it, but if anyone reads this post and has had to deal with a similar case in the past, I would love to hear from them. I will add more to this post, if and when I find out more about it. Thanks for reading.

Menu