Dismiss this notice
Avast Premier Photo Caption - [Only registered and activated users can see links Click here to register]

Dismiss this notice
FastestVPN Accounts Giveaway - [Only registered and activated users can see links Click here to register]

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fake Login pages on Google Translate used to carry out phishing attacks
Quote:Hackers used Google Translate’s branding to hide its URL as an attempt to manipulate web users. Users were tricked into clicking on their fraudulent websites after receiving phishing emails. They were then sent to a Facebook link where hackers stole more of their credentials.

The email subject was a notification to users stating that their Google account was accessed from a new device. A button in the email directed users to what they would interpret as a newly generated Google Translate page. The phishing page link, however, was in the email directly instead of the link to the fraudulent site. So when users clicked anything in the email they were directed to the Google Translate portal page.

Hackers steal users’ credentials
Source: blogs.akamai.com
Viewing this email from a mobile device was harder for users to detect its fraudulency as a user was unable to hover over the screen. In addition, being condensed, it was harder to see the errors. The desktops, however, allowed users to see the imperfections. One was where the Google Translate toolbar was at the top of the phishing page. Hovering over the email revealed further the illegitimacy of the email as it read [email protected]

When a user fell victim to the attack, by typing their username and password, the hacker collected this information and sent it to the attacker. Using this information the attacker went further by sending the same user to a duplicated Facebook. The hacker managed to do this via a script linking the sites together. This was yet another attempt for the hacker to steal more credentials. The Facebook and Google landing page used older versions of the login forms. Other credentials taken throughout the whole attack were Facebook credentials, the user’s IP address and browser type.
[Only registered and activated users can see links Click here to register]
[-] The following 2 users Like Toligo's post:
  • dinosaur07, harlan4096

Forum Jump:

Users browsing this thread: 1 Guest(s)
You have to register before you can post on our site.



Recent Posts
Gmail adds spelling and grammar correcti...
Google rolled out ...silversurfer — 14:18
PokerTracker.com Hacked to Inject Paymen...
A curious case of w...silversurfer — 14:09
Fortnite Ransomware Masquerades as an Ai...
Attackers are taki...silversurfer — 14:09
The SOC 2 audit: What, how, and why?
As you may alre...harlan4096 — 13:44
RogueKiller v13.4.3
==================...harlan4096 — 13:31

Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (48)isyqop
avatar (33)emogig
avatar (35)Isabelle88Nes
avatar (35)ferpuMip
avatar (32)kinotExaro
avatar (44)HerbertPab
avatar (41)Susanskymn
avatar (35)stepaRurry
avatar (40)MichaelPlaup
avatar (33)JasonSoult

Online Staff
silversurfer's profile silversurfer