Phishers are using Google Translate to mask their dubious URLs
Hackers have gotten extremely good at making phishing emails look legitimate, but still struggle with the websites they phish from. A savvy user can spot a fake URL a mile away.
Generally, if a user takes one look at the URL they’re being asked to click on, the phishing game is up. That’s why hackers have taken to hiding their content behind a Google Translate URL. This still doesn’t exactly look legitimate, but may be just enough to trick users on mobile where the URL is compressed enough to pass a quick glance.
Akamai security researcher Larry Cashdollar found himself targeted last month and has written about his experience on the company’s blog. On desktop, there were enough alarm bells to warn a savvy computer user, but on mobile everything is truncated and could easily appear legitimate to someone panicking about their security – especially when there’s no option to hover over URLs to check where they’re actually pointing.
Related: Best free antivirus
Once the link is clicked, it takes victims through to a phishy URL obfuscated by a Google Translate URL, which further muddies the waters on mobile. “Using Google Translate does a number of things,” Cashdollar writes. “It fills the URL (address) bar with lots of random text, but the most important thing visually is that the victim sees a legitimate Google domain. In some cases, this trick will help the criminal bypass endpoint defences.”
This particular attack feels pretty unsophisticated. Once you’ve entered your credentials, it kicks in with a second phishing attempt, this time trying to get you to log in to your Facebook account. This weird behaviour feels entirely counterintuitive, probably triggering more users to figure out what’s happening and move quickly to change their password.
But it’s still a worrying sign of things to come. Hackers know that more of us are using mobile than ever before, and a more sophisticated cybercriminal could clearly use the limitations of the medium to take advantage. When combined with standard social engineering techniques, that could prove depressingly effective.
Have you been targeted by hackers using Google Translate? Let us know on Twitter: @TrustedReviews.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
