tech2 News Staff
11. February 2019 15:58:15 IST
Digital giants have worked hard to protect information and their users' credentials, but phishing attacks remain a problem. While phishing scams are often attempted via e-mail, there are reports that Google Translate is being used in phishing attacks that target both a user's Google and Facebook credentials.
According to a report, this recent phishing scam attempts to capture users' Facebook and Google credentials via Google Translate. Larry Cashdollar, a security researcher on the Akamai Security Intelligence Response Team who first discovered it, said the phishing site was loaded through Google Translate to make it look like a Google domain.
Cashdollar received an email containing a suspicious Google alert informing him that an unrecognized Windows device had been used to log in to his Google Account. The phishing emails appeared as alerts with the subject "Security Alert", as described in the report.
The researcher first saw the email on his phone but did not open it there, choosing to check it on his laptop instead. On the laptop the red flags turned out to be "obvious". The body of the email contained a standard-looking notification with a link to take action and check the unusual activity in the account. The link led to a malicious website that prompted users to submit their Google credentials.
Finally, I can collaborate on some research with @SteveD3 -> Phishing attacks against Facebook / Google via Google Translate – Akamai Security Intelligence and Threat Research blog https://t.co/0oif3jBKOa
- Larry W. Cashdollar (@_larry0), February 5, 2019
To obscure the phishing activity, the malicious website link was first run through Google Translate. This was done so that the address of the malicious website would start with translate.google.com. If you are not paying close attention, it looks like a genuine site.
"The use of Google Translate does a number of things: it fills the URL bar (address) with a lot of random text, but the most important thing visually is that the victim sees a legitimate Google domain, which in some cases is the criminal one. However, while this obfuscation method can succeed on mobile devices (the landing page is an almost perfect clone of Google's older login portal), it fails completely when viewed from a computer," said Cashdollar on the Akamai blog.
A user who is not careful will end up sharing their Google credentials with the attacker.
If you fall for this scam, the attacker launches a second attack, this time against your Facebook account, by showing you a Facebook mobile login screen and asking for your Facebook credentials. The phishing scam then collects information, including IP address, location, additional personal information, etc.
The phishing e-mail is distributed using the e-mail ID: email@example.com. This should arouse your suspicion: why would a 'Facebook' email ID at 'Hotmail' refer to your Google Account?
Google has not commented on the problem yet. However, be more vigilant when opening links or emails that warn you about unknown devices using your Google applications. Check the link when you receive such emails.
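One way to check such a link is sketched below; it is an added example, not code from Akamai's report or from Google. It assumes the translated page's address is carried in the `u` query parameter of a translate.google.com link, and the sample URLs, the expected-domain list and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Host of Google Translate's page-translation wrapper, as named in the article.
TRANSLATE_HOSTS = {"translate.google.com"}
# Domains a genuine Google account alert is expected to link to (assumption).
EXPECTED_DOMAINS = ("google.com",)


def host_in(host, domains):
    """True if host equals one of the domains or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def unwrap_translate(url, max_depth=5):
    """Peel translate wrappers; return (effective_url, was_wrapped)."""
    wrapped = False
    for _ in range(max_depth):
        parts = urlsplit(url)
        if (parts.hostname or "").lower() not in TRANSLATE_HOSTS:
            break
        inner = parse_qs(parts.query).get("u")  # parse_qs also percent-decodes
        if not inner:
            break
        url, wrapped = inner[0], True
    return url, wrapped


def triage_link(url):
    """Classify a link found in a message that claims to be a Google alert."""
    final, wrapped = unwrap_translate(url)
    # The wrapped address may lack a scheme; add one so the host parses.
    host = urlsplit(final if "://" in final else "http://" + final).hostname or ""
    if wrapped and not host_in(host, EXPECTED_DOMAINS):
        verdict = "suspicious"   # Google domain in the bar, other site behind it
    elif host_in(host, EXPECTED_DOMAINS):
        verdict = "expected"
    else:
        verdict = "unexpected"   # not wrapped, but not a Google host either
    return {"verdict": verdict, "effective_host": host, "wrapped": wrapped}


if __name__ == "__main__":
    # Constructed sample links, not taken from the campaign.
    for link in (
        "https://translate.google.com/translate?sl=auto&tl=en"
        "&u=http%3A%2F%2Flogin-alert.example.net%2Fsignin",
        "https://myaccount.google.com/notifications",
        "https://translate.google.com.example.net/translate?u=https://accounts.google.com",
    ):
        print(triage_link(link))
```

The third sample shows why the check compares the parsed hostname rather than searching the URL string for "translate.google.com".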
Phishing scams themed around the GDPR (General Data Protection Regulation), which spread malware and steal personal information, have attracted attention in the past year. Researchers from cybersecurity company Redscan discovered the phishing scam in an e-mail sent by hackers who were disguised as Airbnb customer support.