Google ads push fake Google Authenticator site installing malware

What makes the ad more convincing is that it shows ‘google.com’ and “https://www.google.com” as the click URL, which clearly should not be allowed when a third party creates the advertisement.

Google ads should basically never be clicked at this point.