Categories: News

A phishing campaign uses Google News as a lure

A clever phishing campaign uses Google News to trick users. This impersonates Google’s news website, by using homographic characters. Thus, attackers redirect unsuspecting users to phishing pages. In these attacks, American Standard Code for Information Interchange (ASCII) letters replace the original characters. This usually goes unnoticed by users.

Phishing attacks using ‘Google.news’

Avi Lumelsky demonstrated the attack. So, he explained using a popular brand name ‘Google News’. He mentioned that the URL uses a homographic character as its first character: ‘ɢoogle.news’, in order to Phish Users’. This looks similar to the original URL – ‘google.news’, although it is different. In fact, in 2016, someone bought ‘Google.com’, in order to use it for phishing purposes. But the researcher also discovered other several fake URLs that impersonated other Google domains. Some of these are: ‘ɢoogle.company’’; ɢoogle.email’; ‘ɢoogle.tv’; ‘ɢoogle.life’ or ‘ɢoogletranslate.com’.

Apart from Google, several other fake domains were also registered. For this, attackers used some well known domain registrars such as GoDaddy and Namecheap.

What the attackers do

These kind of attacks, called homograph attacks, are one of the best weapons. Using them, attackers’ purpose is to steal login credentials and tokens from users. Moreover, attackers could also inject a malicious script into the hijacked HTTP body and execute it on a client browser connecting the fake website.

But the attack isn’t limited to Google. It can also affect other top brands. So, Lumelsky highlighted that “Until there is a solution out there, every big company or service will have to secure their domains and assets, by spending lots of money on similar domain names.” So, the best prevention for companies is to start buying any domain name that might be used by villains to impersonate the original websites.

Users can defend themselves

In order to avoid losing money or online banking credentials, we all have to pay more attention to the links we click on. So, before we access a website, we should make sure that we only use small letters. Also, before clicking a link, we should hover the mouse over it and check the spelling. As a phishing campaign uses Google News, attackers could do this using other big brands’ domains.

Laurentiu Titei

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.

Recent Posts

Digital Advertising practices, under the pressure of fines

Its digital advertising practices continue to bring troubles for Google. Two separate cases will go to court in the UK…

2 years ago

Advertising discrimination, addressed by huge companies

WPP, Delta Airlines, Kellogg and Mindshare take the issue of advertising discrimination seriously, in order to combat bias in digital…

2 years ago

Ad fraud might hit $100B, advertising companies worry

Ad fraud has become a very big issue for both users and the advertising agencies. Different forms of it might…

3 years ago

The ad-based business model: Would Facebook change it?

The Facebook lead architect of the ad-based business model leaves the company. Let's see how her move could affect company's…

3 years ago

Here it comes: New Meta privacy policy. Does it matter?

A new Meta privacy policy comes soon for the company's platforms. Users would be notified of the updates about how…

3 years ago

Advertising company: ”Our customers don’t like ads”

As its “customers don't like ads,” Evite, an American online party planner, decided to just close its advertising business, while…

3 years ago