Fraudsters are using black SEO, Google Sites and spam pages to push fake data breach notifications impersonating big name companies in an effort to distribute malware and scams.
As reported by BleepingComputer, Google Alerts help to spread these fake notifications as the service monitors search results looking for user-defined keywords. To spread their malware, the scammers either created pages or used compromised websites to combine the term data breach with well-known brands.
The news outlet has seen fake breach notifications for many companies including EA, Dropbox, Hulu, PayPal, Target, Mjoang and more. However, what ties all of these companies together is the fact that they have all fallen victim to a data breach in the past.
- Lock My PC fights tech support scammers with free recovery keys
- Beware - that Google email may be a phishing scam
- Beware - these are the global hotspots for coronavirus malware
If a user clicks on any of the links picked up by Google Alerts, they end up going to pages with fake giveaways, download offers for unwanted extensions and malware. The fraudsters have made it harder to detect their malicious behavior though by making it so that these pages don't directly reveal the true nature of their campaign. Instead, users may see a “page not found” error or a text-filled page created to promote a fake data breach.
Ranking higher in search results
BleepingComputer also discovered a hacked website containing a directory with around 2,000 text files which contain specific keywords in order to promote a topic in Google's search results. The information inside these blobs of text was copied from public sources and covers a wide variety of subjects. When a user searchers for a certain topic online, the scammer's results rank higher in search results and are more likely to be clicked on.
In addition to using compromised websites, the scammers may also set up their own pages and in many cases they used a free tool from Google called Google Sites to do so. When a user clicks on a Google link for one of these fake pages, the link actually redirects them through multiple addresses before the final site is reached.
The scammers also used fake Adobe Flash update notifications to spread their malware. These fake alerts popped up in both Google Chrome and in Mozilla Firefox. Fake giveaways were also used by the scammers to lure potential victims.
To prevent falling victim to these scams, users should remain alert online, especially when clicking on links in search results, and remember that if something seems too good to be true, it probably is.
- Keep your devices protected with the best antivirus software