logoalt Hacker News

StableAlkyneyesterday at 1:52 PM8 repliesview on HN

> I typed the project name into Google, and my repository appeared in the results. I entered the same query into Bing, and someone else’s repository appeared in the results

Side story, this kind of thing is what made me stop using Bing.

I had been using it as the default for searches (it sucks, but it's at least not Google), until I landed on a phishing page for my bank (I haven't committed it to memory yet). The page was a near perfect copy, and I would easily have gotten pwnd by it if they didn't have a modal asking me to run some code in my terminal for "security activation" that made me go "that's a little odd... Is this the right address OH SHIT that's a .ru domain"

I never see Google return phishing pages or typo squatters in the first page. Bing constantly returns that stuff in the first several results.

Replies

sureglymopyesterday at 4:04 PM

I've seen it many times on google where the phishing sites were advertised results stickied above the results they impersonate.

Another good reason to use ublock origin!

weird-eye-issueyesterday at 1:56 PM

This is where password managers are useful because they would refuse to fill in login information since the domain doesn't match

show 4 replies
spicyusernameyesterday at 2:55 PM

    at least not Google
Is one giant mega-corp better than any other?

You're going to have a hard time convincing me the answer is yes.

swatcoderyesterday at 5:20 PM

> I never see Google return phishing pages

Maybe you're not looking or maybe you're lucky.

Either way, many of us see it happen all the time there too. For GitHub especially, I almost never get the canonical repo for a project in my Google results. Phishing or innocuous, it's almost always some fork at the top and then a bunch of non-github.com sites.

Search is more or less "cooked" now, as they say. Google vs Bing vs DDG vs Kagi is mostly in the noise.

abc123abc123yesterday at 2:54 PM

Why would you go to your bank by first searching for it? Sounds very insecure to me. I type my banks url directly instead, or if that gets tedious, store it as a bookmark.

I know several people who search for important sites, click uncritically on links, and get scammed. This is not so good.

chrisweeklyyesterday at 2:41 PM

speaking only to search quality: try Kagi.

mrguyoramayesterday at 7:48 PM

>I never see Google return phishing pages or typo squatters in the first page

Our company constantly has phishing copies of our real pages as first results in Google. We have no ability to get them taken down. It costs us serious money every year, and hurts our customers who get swindled because Google lets some brand new domain registered yesterday come before the company that has existed for 20 years.

If you haven't seen it on google, you aren't looking hard enough.

astronodevyesterday at 2:00 PM

[dead]