Advanced phishing attack on Google

NEW DELHI: Websense Security Labs that investigates Internet threats has
reported of an advanced phishing attack on the Google pages. The latest alert

mentions that users are being shown a spoofed copy of the Gmail login page with

a message claiming, "You WON $500.00!" The message states that this prize money

will be delivered to an e-Gold, PayPal, StormPay, or MoneyBookers account of

their choice.






If users select an account, they are informed that this prize money is only
available to "premium members" of "Gmail Games." The page states that "Gmail

Games" membership requires an $8.60 registration fee, and then asks users to pay

the registration fee or forfeit the $500 prize money. Users are directed to an

actual payment site to deliver the registration fee.






This phishing site is hosted in the United States and was up at the time of this
alert. This is a sophisticated variant of Google phishing witnessed in November

05.






In November 05, a phishing attack that targets users of Google's search engine
was reported by Websense Security Labs. Users were redirected to a spoofed copy

of Google's front page with a large message claiming "You WON $400.00 !!!".

Users were presented with instructions for collecting their prize money. These

instructions direct users to enter their credit card number and shipping

address. Once the information had been collected, users were directed to Google

legitimate website.






Last month, Websense Security Labs had discovered that the Google website
hosting service "Google Pages" was hosting malicious code. There were no reports

of a lure from this location, however experts considered the attack to be either

be in the setup phase or not widely distributed at that point of time.






Commenting on the phenomenon, Surendra Singh, head South East Asia and India,
Websense, said, During the last month, we witnessed two malicious incidents that

have combined the use of telecommunications and the web. The only way for

business to protect their employees against these ever-evolving threats is to

have a web security solution that updates against these attacks in real time.








In June, Websense received reports of users being lured to install malicious
code via Short Message Service (SMS) messages. Victims receive an SMS message on

their mobile phone, thanking them for subscribing to a fictitious dating

service. The message stated that the subscription fee of $2.00 per day will be

automatically charged to their cell phone bill until their subscription is

cancelled at the online site. Users who visited the site to unsubscribe from the

service are prompted to download a Trojan bot. The site does not attempt to

exploit any vulnerability; instead, the attacker provides instructions to bypass

the Internet Explorer security warning prompt.






An incident of Voice Phishing was also reported in June targeting customers of
Santa Barbara Bank & Trust.






© CyberMedia News