Phishers target flaw on Google

Scam redirects web users to malware sites

Cybercriminals are using a loophole in Google’s website to redirect users to malicious websites that try to install malware on their PCs, security software developer McAfee has found.

This type of scam is not new, having been used on Yahoo and Microsoft's MSN sites before, but the success phishers have had using this technique means it is becoming increasingly prevalent.

The scam exploits a so-called open redirect on Google’s website. McAfee said earlier this year it found that spammers were using Google page ads in HTML-formatted emails to redirect users to their sites.

It thought the Google page ads were being used to conceal the actual URL and subvert traditional anti-spam detection techniques. However, it seems the linked URL can be changed to point to any site, as no validation appears to be carried out at Google’s end.

This open redirect lets anyone craft a link that looks as if it leads to the search engine, but actually goes elsewhere on the web.
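The missing validation described above can be illustrated with a short sketch. This is an added example, not code from Google or McAfee: it contrasts a redirect handler that accepts any supplied URL with one that only follows same-site paths or allow-listed hosts. The host names, the fallback path and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical allow-list for this example; a real site would list its own hosts.
ALLOWED_HOSTS = {"www.example.com", "ads.example.com"}
FALLBACK = "/"  # assumed landing page when a target is rejected

def naive_redirect(target):
    """The behaviour the article describes: whatever URL is supplied is used."""
    return target

def is_safe_target(target, allowed_hosts=ALLOWED_HOSTS):
    """Accept only rooted same-site paths or http(s) URLs on an allow-listed host."""
    # Whitespace, control characters and backslashes are parsed differently
    # by browsers and by server-side libraries, so reject them outright.
    if not target or any(ord(c) < 0x21 or c == "\\" for c in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed bracketed host
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: must be a rooted path, not "//host" in disguise.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False  # blocks javascript:, data: and scheme-relative "//host"
    if parts.username is not None or parts.password is not None:
        return False  # "https://www.example.com@other.test/" leads to other.test
    # Exact host match; substring or suffix checks would accept look-alike hosts.
    return (parts.hostname or "").lower() in allowed_hosts

def safe_redirect(target):
    """Return the target if it passes validation, otherwise the fallback page."""
    return target if is_safe_target(target) else FALLBACK
```
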

McAfee Avert Labs researcher Vinoo Thomas said on his blog: “Although this type of technique is not necessarily new, the problem is that Google is not preventing the redirects to such sites.

“Google must be aware of this redirect abuse, and it’s hard to understand why they don’t prevent these redirects working for known bad file types or for spam and malware sites.”