G DATA: Cyber gangsters keep on targeting Google
July 2008 by G DATA
Using a new scam , Internet criminals are currently trying to raise the hit rate of their malware distribution. By telling them that a payment for an ad campaign could not be processed, cyber criminals are trying to lure victims into entering their Google AdWords account credentials at a counterfeited website which is hosted on a Chinese server. Using the stolen access data, the cyber gangsters can set up screen ads at the victims’ expense using the Google AdWords service.
These ads show up in a prominent position next to Google’s search results as a response to certain keywords. These ads could then link to websites which could in turn infect additional victim systems using drive-by-downloads. By cleverly choosing popular keywords, attackers gain an attractive opportunity of wide-spread anonymous distribution of their malicious software. The current example clearly shows that cyber criminals are not only phishing for banking or credit card credentials, but actually targeting almost any type of personal login credentials. Users should pay particular attention when receiving mails that are asking for login credentials. In addition, an HTTP filter should be permanently activated, which provides early detection of phishing websites as well as malware-distributing rogue websites.