Malware in the form of an advertisement in Google or other search engine results is not uncommon. We recently reported on a case involving a shady ad impersonating AMD for a user simply looking to update their graphics driver.
As spotted by a user on the Linus Tech Tips forums, the FBI posted a new Public Service Announcement (PSA) earlier this month, explicitly calling out this issue.
As per the PSA.
Cyber criminals purchase advertisements that appear within internet search results using a domain that is similar to an actual business or service. When a user searches for that business or service, these advertisements appear at the very top of search results with minimum distinction between an advertisement and an actual search result. These advertisements link to a webpage that looks identical to the impersonated business's official webpage.
Where it gets interesting is that one of the recommendations that the FBI suggests individuals take is to install an adblocker. Specifically, an "ad blocking extension" for their browser of choice. As most internet browsers support the use of adblockers, the FBI sees this as a viable method to avoid getting hit with malicious ads that are, in fact, malware and potential privacy threats.
The FBI also lists the tried-and-true methods of knowing what you're clicking on before clicking, double checking URLs, and bypassing search engines to visit official sites directly via typing in addresses manually.
These malicious ads, like most ad placements, appear at the top of the page - meaning they're very easy to mistake for actual search results. The FBI notes that the most common forms of these fake ads relate to finance and cryptocurrency exchange platforms, where users are prompted to log in and provide personal information, "giving criminal actors access to steal funds."