[laken]

an attacker could purchase google ads for "chɑse.com" (note the unicode "s" instead of "s"

[knolax]

Isn't the homoglyph the IPA "ɑ" character used in place of Basic Latin "a"? The homoglyph URL attack also has some downsides because Unicode is only supported for domains through an extension system, most browsers will convert the above to "xn--chse-r5b.com" after you visit the link.

[why_only_15]

Seems unlikely google would let scammers with fake domains purchase ads, though maybe they have in the past.