SSL/TLS Extended Validation implemented in fraudulent domains

People trust green bars, because it is proven to not to be of malicious origin.

This seems to be the questions of hundreds and many are concerned about it, picture that; a team of fraudsters(or at least one), promote their website to many people with the use of Facebook and Twitter advertising who can be easily set up in no time. (1).

The fraudulent websites created a site, looking real etc.. and as already said they have an EV certificate verified implemented. In what ways could such thing be successfully be done, how do certificate distributors verify who that who is(if it can be faked)? (2).