Post reply

News:

--> Devnullius's Choices: A list of default programs to keep your PC running well!

Samker's Computer Forum - SCforum.info »
World TOP Headlines: »
Latest Security News & Alerts »
Post reply ( Re: Phishers Mimic Google Adwords )

Post reply

Name:
Email:
Subject:
Message icon:

[quote author=Samker link=topic=1537.msg2237#msg2237 date=1209884565]
[img]http://www.sixthsense-esp.co.uk/pulse/feb06/photo-google-adwords.jpg[/img]

Google Adwords account holders are being targeted by criminals out to trick them into handing over credit card information using a clever URL spoof that has gained popularity in recent weeks.

On the face of it, the scam follows a traditional attack route involving the sending of spam e-mail to random Internet addresses in the hope of finding users who have purchased Adwords. The e-mail claims that the user's account payment has failed and asks them to "update payment information", again a transparent ploy by today's standards.

As obvious as this might sound, the unwary might easily be tricked by the convincing http:// adwords.google.com/select/login link embedded in the e-mail, a perfect copy of the correct Google login address. This one, however, actually leads to http://www. adwords.google.com.XXXX.cn/select/Login [address altered], an obfuscated address that directs to a site associated with IPs in Germany, Romania, and the Czech Republic.

The site is a good copy of the real Google Adword site, and appears to let users login using their real account details -- any account details will work, in fact. Entering payment details results in that information being posted using an SSL link to a remote server after which the account will ripped off.

The attack has been publicized by security software company Trend Micro, but the disarmingly simple scam is widespread enough to have been received by ordinary users in recent days.

Google Adwords exploits are not uncommon, some involving serving exploits directly, others involving the much more basic social engineering techniques used in the latest attack. Indeed, the latest phishing attack bears a strong resemblance to a near-identical campaign launched a few weeks back by Chinese criminals.

As common as 'account update' attacks have become, the spoofed -- in other words, convincing -- URL is still the key to reeling in victims. Criminals seem to have realized that users are paying more attention to such details, and that phishing success bar has been raised by this.

(Copyright by PC World)
[/quote]

Attachments and other options

Return to this topic.
Don't use smileys.

Verification:

Type the letters shown in the picture

Listen to the letters / Request another image

Type the letters shown in the picture:

Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview

Topic Summary

Posted by: Samker

« on: 04. May 2008., 08:02:45 »

Insert Quote

Google Adwords account holders are being targeted by criminals out to trick them into handing over credit card information using a clever URL spoof that has gained popularity in recent weeks.

On the face of it, the scam follows a traditional attack route involving the sending of spam e-mail to random Internet addresses in the hope of finding users who have purchased Adwords. The e-mail claims that the user's account payment has failed and asks them to "update payment information", again a transparent ploy by today's standards.

As obvious as this might sound, the unwary might easily be tricked by the convincing http:// adwords.google.com/select/login link embedded in the e-mail, a perfect copy of the correct Google login address. This one, however, actually leads to http://www. adwords.google.com.XXXX.cn/select/Login [address altered], an obfuscated address that directs to a site associated with IPs in Germany, Romania, and the Czech Republic.

The site is a good copy of the real Google Adword site, and appears to let users login using their real account details -- any account details will work, in fact. Entering payment details results in that information being posted using an SSL link to a remote server after which the account will ripped off.

The attack has been publicized by security software company Trend Micro, but the disarmingly simple scam is widespread enough to have been received by ordinary users in recent days.

Google Adwords exploits are not uncommon, some involving serving exploits directly, others involving the much more basic social engineering techniques used in the latest attack. Indeed, the latest phishing attack bears a strong resemblance to a near-identical campaign launched a few weeks back by Chinese criminals.

As common as 'account update' attacks have become, the spoofed -- in other words, convincing -- URL is still the key to reeling in victims. Criminals seem to have realized that users are paying more attention to such details, and that phishing success bar has been raised by this.

(Copyright by PC World)

Terms of Use | Privacy Policy | Advertising

SMF | SMF © 2019, Simple Machines
TinyPortal © 2005-2012
XHTML
RSS
WAP2