Fraudulent websites misusing the name of MBH Bank may have appeared as paid ads on Google's search engine
Budapest, 17 November 2025 – The Hungarian Competition Authority (GVH) has launched a competition supervision proceeding against Google. The GVH suspects that Google Ireland Limited (Google) failed to adequately verify phishing ads on its Google Ads advertising platform, allowing them to appear as paid content and at the top of Google's search results. According to the GVH, this may have contributed to consumers being directed to risky websites or having their bank login details stolen.
The Hungarian Competition Authority found that Google Ireland Limited (Google), a subsidiary of the American tech-giant registered in Ireland, had likely failed to exercise due professional care in operating its Google Ads advertising platform since March 15, 2025. The global technology company likely failed to adequately verify whether the phishing ads displayed complied with its own policies and legal requirements, and failed to block phishing domain accounts in a timely manner, even though it should have recognized their dangerous nature and taken the necessary measures to prevent further deception.
As a result of the above, fake banking websites designed for phishing purposes and misusing the name of MBH Bank Nyrt. – such as mbhbank.nu, mhbbauk.com, mhhbunk.com – appeared at the top of Google's search results as paid advertisements. When users searched for keywords related to MBH Bank Nyrt. (e.g., "MBH Bank login," "MBH netbank"), these misleading ads appeared in prominent positions on Google's search pages, ahead of links to the official website of MBH Bank Nyrt.
According to the GVH, this commercial practice was likely to induce consumers to make transactional decisions that they would not have made otherwise. Google's conduct likely violated legal provisions prohibiting unfair commercial practices.
The initiation of the competition supervision proceeding does not imply that the company has committed the suspected infringement. The proceeding aims to clarify the facts and, where applicable, prove the alleged infringement. The statutory time frame for the procedure is three months, which may be extended twice, each time by up to two months, if justified. The GVH also notes that, under the Competition Act, the period between the authority’s request for information and the company's response is not included in the procedural time limit.
Hungary is one of the safest countries in the world, where online and cyber frauds pose one of the most significant threats to consumers and businesses. Domestic criminal statistics show that the proportion of cyber fraud among criminal offenses is constantly increasing, making its containment a key security criterion. According to data from the Central Bank of Hungary (Magyar Nemzeti Bank – MNB), online frauds and phishing scams caused more than HUF 30 billion in damages to Hungarian residents in 2024.
The official registration number of the case is VJ/42/2025.
GVH Press
Further information:
Bálint Horváth, Head of Communications +36 20 238 6939
Katalin Gondolovics, Press Officer +36 30 603 1170