LOADING ...

Don't Fall for This New Google Translate Phishing Attack

Rhett Jones Feb 08, 2019. 6 comments

Sometimes, the most effective hacks are the simplest hacks. The technique of targeting users’ email accounts with malicious links that gather personal data is one of the oldest and most successful hacks around. And now, you should be on the lookout for phishing emails that are using Google translate to mask their nefarious nature.

Phishing emails use a variety of approaches that all have the same goal: Convincing you to click a link before you’ve properly investigated whether or not it’s safe. This week, a security researcher at Akamai outlined a novel phishing approach that they recently encountered in their inbox that attempts to use Google translate links to mask disreputable links.

In January, the researcher received an email informing them that someone had attempted to access their Google account on an unrecognized Windows device. They first saw the email on their phone and didn’t recall using a new device so they moved over to a laptop to look into it. Red flags became more apparent when the researcher was no longer staring at the minimal mobile interface.

The body of the email contained what looked like a standard notification from Google directing them to click through to take further steps. The link was for a malicious site designed to trick a user into giving up their Google login info. But in an effort to disguise the link, it was first run through Google translate, meaning if you previewed the URL it began with “www.translate.google.com” For inattentive users, this might give the appearance of legitimacy. Clicking the link takes you to a page in Google Translate’s interface and still carries the Google URL in the browser navigation bar. Anyone who doesn’t notice the true URL in Google Translate’s search bar could easily be convinced that the login screen asking for their credentials is perfectly legitimate.

The good news is this particular hacker gave many other clues that they were orchestrating a scam. First of all the email came from “facebook_secur@hotmail.com.” Why would Facebook security be contacting you about your Google account and why would they use a Hotmail address to do it? But even if you didn’t notice that, after you completed the Google sign in, you might start getting suspicious when the malicious site next sends you to a Facebook login screen in an attempt to pull off a two-for-one scam.

We’ve reached out to Google to ask if this attack is common and if it has tools in place to help prevent it. We’ll update this post when we receive a reply.

Yes, the attack is sloppy and the hacker’s greed might alert even novice users to contact Google in order to correct their error immediately. But these types of criminals are normally targeting thousands of potential victims with the hope of at least snagging a few unlucky people in their trap. Attempting to get multiple logins in one try is risky, but if you’re going to go phishing, you might as well try to catch the biggest phish possible.

[Akamai, ZDNet]

6 Comments

Other Rhett Jones's posts

Rotten Tomatoes Diversifies Its System In Huge Tomatometer Overhaul Rotten Tomatoes Diversifies Its System In Huge Tomatometer Overhaul

Rotten Tomatoes has faced criticism from filmmakers and fans alike for the way its Tomatometer scale of ranking films as “Fresh” or “Rotten” skews audience expectations. On Tuesday, the critic review aggregator made some big changes to its scoring system and added a ton of new “Tomatometer-approved” critics to mix things up. We’re sure that this will piss off...

As Massive Outage Plagues Facebook, Telegram Welcomes Millions of New Users As Massive Outage Plagues Facebook, Telegram Welcomes Millions of New Users

Slowly but surely, it appears that Facebook is getting its “family of apps ” back online. The consequences of the longest outage in the company’s history, however, remain to be seen. On Thursday, one of Facebook’s underrecognized competitors, Telegram, said that it added three million new users in the last 24 hours. When it comes to Facebook’s long-term plans,...

What Does Trump's Weird Tweet About '6G Technology' Even Mean? (Update) What Does Trump's Weird Tweet About '6G Technology' Even Mean? (Update)

Sometimes a leader comes along who inspires us to push harder, go farther, and dream big. On Thursday, President Donald J. Trump tried to become that kind of leader, calling on Americans to develop “6G” technology. We think. The message wasn’t particularly clear. We’re all working through it.This morning, the president used his executive time to tweet out a...

Sesame Street's VC Arm Dips Its Furry Fingers Into Tech Education [Updated] Sesame Street's VC Arm Dips Its Furry Fingers Into Tech Education [Updated]

Most adults couldn’t even explain the basics of how the blockchain works, and Sesame Street is determined to make sure that won’t be a problem for the next generation. The children’s edutainment series has a venture capital firm that has now invested in a company that wants to give kids the building blocks of cryptocurrency.It’s certainly an uncomfortable feeling...

Suggested posts

Hackers Reportedly Break Into SyTech, a Contractor for Russia's Federal Security Service Hackers Reportedly Break Into SyTech, a Contractor for Russia's Federal Security Service

Hackers breached servers at a contractor for Russia’s Federal Security Service (FSB), SyTech, and stole about 7.5 terabytes of data after gaining access to the company’s entire network earlier this month, ZDnet reported on Saturday.According to ZDNet, the hacking crew in question goes by the name 0v1ru$ and also defaced the Sytech website with a “yoba face,” the Russian...

Report: NSO Group's Pegasus Spyware Can Break Into Cloud Services, Transmit User Data to Server Report: NSO Group's Pegasus Spyware Can Break Into Cloud Services, Transmit User Data to Server

Israeli spyware company NSO Group’s powerful Pegasus malware—the same spyware implicated in a breach of WhatsApp earlier this year—is capable of scraping a target’s data from the servers of Apple, Google, Amazon, Facebook, and Microsoft, according to a report in the Financial Times on Friday.According to the Times, “people familiar with its sales pitch” as well as leaked sales...

Google Yanks Seven Stalkerware Apps Discovered by Security Researchers From the Play Store Google Yanks Seven Stalkerware Apps Discovered by Security Researchers From the Play Store

Google has yanked several apps from its Play Store after cybersecurity firm Avast identified them as “all likely designed by a Russian developer to allow people to stalk employees, romantic partners, or kids,” CNET reported on Wednesday.The seven apps—listed as Track Employees Check Work Phone Online Spy Free, Spy Kids Tracker, Phone Cell Tracker, Mobile Tracking, Spy Tracker, SMS...

Sheryl Sandberg: The Teens 'Consented' to Putting Facebook Spyware on Their Phones Sheryl Sandberg: The Teens 'Consented' to Putting Facebook Spyware on Their Phones

On Tuesday, news broke via TechCrunch that Facebook ran a sketchy “Research” program involving paid participants who downloaded an app onto their phones that was capable of monitoring virtually everything that they did—including in some cases teens as young as 13, who were recruited via social media ads that appeared designed to keep Facebook’s involvement low-profile. The app appeared...

Report: All Four Major Mobile Networks in the UK Are Using Huawei 5G Gear Report: All Four Major Mobile Networks in the UK Are Using Huawei 5G Gear

UK telecoms aren’t taking warnings from U.S. intelligence agencies that telecommunications gear produced by Chinese tech giant Huawei could pose a security risk incredibly seriously, at least according to a report from the Observer, which reported on Saturday that all four major carriers in the country are currently or are planning on using Huawei networking gear for their rollout...

Hacker Used Raspberry Pi to Steal Sensitive NASA Docs Hacker Used Raspberry Pi to Steal Sensitive NASA Docs

Turns out a tiny Raspberry Pi was at the source of a big headache for NASA. An audit released by the NASA Office of Inspector General on June 18 reveals that an early 2018 cyberattack utilizing one of these mini-computers resulted in a hacker making off with restricted documents. If you’re not familiar with Raspberry Pi, it’s a small...

Florida City Fires IT Employee After Paying $460,000 Bitcoin Ransom to Hackers Florida City Fires IT Employee After Paying $460,000 Bitcoin Ransom to Hackers

Lake City, Florida paid out a bitcoin ransom worth $460,000 to hackers who disabled the city’s computer systems with sophisticated ransomware last month, hot on the heels of a $600,000 ransom paid out in similar circumstances by Riviera Beach, Florida just weeks later. Now, as flagged from local media reports by ZDnet on Monday, the city has fired its...

The Winklevoss Twins Want $32 Million in Allegedly Stolen Bitcoins Back The Winklevoss Twins Want $32 Million in Allegedly Stolen Bitcoins Back

A former Bitcoin tycoon who served a year in prison for his role facilitating transactions on the Silk Road digital drug bazaar is being sued by none other than the Winklevoss twins, the HarvardConnection creators famous for suing Mark Zuckerberg for allegedly stealing the idea for Facebook from them.According to the New York Times, Cameron and Tyler Winklevoss find...

Chernobyl, Schrödinger’s Cat, and Telegram Terrorists: Best Gizmodo Stories of the Week Chernobyl, Schrödinger’s Cat, and Telegram Terrorists: Best Gizmodo Stories of the Week

Happy Sunday evening! Hopefully the events of the last week have been going better for you than YouTube, which spent an impossibly long time flailing around like a Wacky Waving Inflatable Arm Flailing Tube Man after refusing to remove videos of a conservative internet personality taunting a journalist with racist, homophobic harassment. Hopefully the week also went better for...

Google Has Lawsuit in Illinois Over Facial Recognition Scanning in Google Photos Dismissed Google Has Lawsuit in Illinois Over Facial Recognition Scanning in Google Photos Dismissed

Google has had a lawsuit in Illinois over its facial-recognition software thrown out, with a judge dismissing the case on the grounds that the plaintiff in the case did not suffer “concrete injuries,” Bloomberg reported on Saturday. The ruling puts to rest one of three lawsuits against major tech companies for alleged violations of the state’s Biometric Information Privacy...

Language