These kind of phishing attacks are everywhere, but typically hard to algorithmically detect as most of them are made up as images, which computers struggle to analyse. I’m happy to see Google ramping up its efforts to identify these kind of scams; I’ve been tricked into clicking through on these faux popups once or twice. Everyone has, I think. What’s sort of weird, though, is that these scams are very common on Google’s own AdSense network. Ironically, its Safe Browsing team will be flagging a lot of content that its own servers publish.