Scammers are improvising new methods to trick visitors into visiting phishing domain names.
The new method is utilizing Google Translate, that converts a malicious link into something seemingly innocent.
Akamai security researcher Larry Cashdollar, exposed the new domain scam last week:
“Using Google Translate does a number of things; it fills the URL (address) bar with lots of random text, but the most important thing visually is that the victim sees a legitimate Google domain. In some cases, this trick will help the criminal bypass endpoint defenses.”
In this example below, the displayed page is that of Google account login, or so it seems.
In fact, it’s a malicious page hosted on a .co.in domain name, that attempts to fool visitors into surrendering their account credentials.
Clicking on email links for sites manifesting they are email providers, bank accounts or other important portals, is a recipe for disaster.
Always type in the primary domain name of your intended destination, and log in at the generic prompt as opposed to clicking on emailed links.
For details on this new domain name scam, visit the Akamai blog.
