We had that issue of someone advertising fake clones of our sites specifically to push fake malware ridden payloads. We only got it handled by bugging internal contacts at Google. It sucked and worse we had to bug them for weeks because the attacker was churning through multiple domains and probably over 100 breached Ad accounts by the time they stopped