Advertisement

Scammers Promoting 'Miracle' Gummies Exploited Websites for Harvard, WHO, Texas Govt., Others

Almaje/Getty Images
Almaje/Getty Images

Since at least February 2023, Snopes has been investigating scammers' exploitation of the websites of various organizations and schools/universities, as well as digging into an effort by some to misuse Google's search results to drive consumers to visit scammer-created content on those sites.

The scammers' identities are unknown but their goal is clear: to promote snake-oil claims while attempting to lure consumers into paying for pricey monthly subscriptions for bottles of supplements, specifically what the scammers often call "miracle" CBD and keto gummies. For example, the scams falsely claim gummies were endorsed by numerous celebrities and prominent medical doctors, and can help to "reverse dementia," "cure diabetes" and "melt fat fast without diet or exercise."

While Google doesn't have the ability to manage the content on the websites being exploited, the company does have the ability to address exploitative content appearing in its search results. By email, a spokesperson for Google told us it was attempting to implement improvements to address these issues. A full statement and more information from the company is available at the end of this article.

Which Organizations and Schools Were Exploited?

Over the past 14 months, we observed scammers gaining access to websites associated with the following organizations and institutions, all as part of an effort to promote the gummy scams: the World Health Organization (WHO), the official government website for the state of Texas (ptot.texas.gov), Harvard University, Columbia University, University of Florida, Barnard College, University of Michigan, Minneapolis Public School District, Pennsylvania Virtual Charter School, Indiana University, University of Massachusetts' UMass Chan Medical School, Ohio State University, University of Pittsburgh, University of Washington, Art Museum of South Texas, Sundance Institute, Loyola Academy, Texas State Aquarium and Boston Teachers Union, for example.

We repeatedly emailed the leadership of all of these organizations and institutions to alert them to the unauthorized activity and to offer education and assistance to ensure the content was removed, all in an attempt to save consumers both the headache and heartache of being scammed. Many of these websites' owners appeared to be unaware of the improper access before we reached out to them. Most of the aforementioned websites' issues have since been resolved.

These scammers look for exploits on major websites usually ending in .edu, .org or .gov, that either were not entirely secure or had an open and easy-accessible function to create or upload content, likely because the scammers believe such domain suffixes have some authority in results rankings on Google. In other words, once the scammers create content on a website ending in one of these domain suffixes, they hope it has a good chance of showing up near the top of Google search results for searches about the gummies. Basically, the scammers are "piggybacking" on the purported prominence and credibility of the websites and are likely hoping no one notices.

How Do the Scams Work?

The content scammers create on the sites redirect consumers to a fake Facebook website designed to look like a post on the social media platform. The redirect might instead take consumers to a fake, professional-looking article bearing the unauthorized design and logo of a major news publication, such as USA Today, CBS News or Fox News. These fake Facebook websites and fake articles are meant to fool consumers into believing they are looking at something trustworthy. However, a glance at the browser's address bar will show the consumer is not on usatoday.com or foxnews.com but instead a scam website.

For example, in March 2024, scammers found a way to exploit the website of the University of Michigan (umich.edu). Specifically, the scammers appeared to have discovered an exploit on a subdomain about the history of the university, on historyofum.umich.edu. (For readers unaware of what a subdomain is, "historyofum" is the subdomain. Meanwhile, "umich.edu" is the domain.)

Here's how the scammers appear to hope everything goes down: First, a consumer hears false claims about keto gummies being good for weight loss or perhaps sees a scammy paid advertisement on Facebook or Instagram falsely claiming keto gummies were endorsed by Oprah Winfrey, Kelly Clarkson or the investors on the TV show "Shark Tank," even though no celebrities have ever endorsed keto gummies for weight loss.

Next, the consumer decides to search Google for reviews about keto gummies, such as with the search phrase "keto gummies reviews." On the first page of Google search results, the consumer finds links claiming to go to historyofum.umich.edu. (Some of those links may also appear in the form of YouTube video thumbnails.)

These results for the University of Michigan's website are an example of the kind of redirect links scammers create to fool consumers.

If consumers click on one of those links (or YouTube video thumbnails) bearing the name of the university, they will be nearly instantaneously redirected through the school's website and then to a completely different website created by scammers (example: bestketoacvgummies.com) that might show a fake Facebook website with a post about Clarkson or a fake CBS News Baltimore article, for example.

Scammers attempt to fool consumers with completely fake promotions on websites that resemble Facebook and news publications.

After consumers read through the website where they landed from Google, they will click one final link leading them to the last page of the scam. On the last page – the product-order page – the consumers fill out their credit card information and place an order, likely unknowingly roping themselves into monthly subscription charges of hundreds of dollars a month. This page's terms and conditions documentation often lacks a phone number (example: Proton Keto + ACV Gummies via buyprotonbrands.com) and instead shows a blank where the number should be, as if it was purposely plucked out. Obviously, a consumer not being able to locate a phone number for customer support complicates the effort to cancel an order and obtain a refund.

Statement from Google

Snopes emailed WHO, Harvard University, Texas state government and University of Michigan, to see if they had any comment regarding the scam, since they are prominently featured in this story. We did not hear back by press time but will update this story later if we do.

By email, a spokesperson for Google told us the company is "actively rolling out improvements that will help address these types of queries, which are often referred to as data voids – topics where there's not a lot of high quality information available to rank, and which are susceptible to low quality content." They also provided an article with more policy information and shared the following statement:

While there are bad actors who attempt to circumvent our protections, Google's systems are highly effective at surfacing high quality information and fighting spam and scams. Our advanced spam-fighting systems keep our search results helpful and 99% spam free. We continue to improve our spam fighting capabilities to address these types of scams, which target less common queries that are susceptible to low-quality content.

We also contacted the Federal Trade Commission to ask if it was investigating the origins of these gummy scams — part of the commission's mission statement says it seeks to keep "protecting the public from deceptive or unfair business practices." We will update this story if we hear back.

Sources:

"Mission." Federal Trade Commission, 10 Mar. 2021, https://www.ftc.gov/about-ftc/mission.

"New Ways We're Tackling Spammy, Low-Quality Content on Search." Google, 5 Mar. 2024, https://blog.google/products/search/google-search-update-march-2024/.