Scammers use Google Translate to create spoof login pages

A clever use of Google Translate fools victims into believing spoofed authentication requests are being handled by Google itself.

Compromising credentials are the number one staple in any cybercriminal’s book of activities, according to the Verizon Data Breach Investigation’s Report. A new phishing scam uses Google Translate to hide spoof logon pages when asking a user for their Google credentials. The user is sent a supposed Google Security Alert about a new device accessing their Google account with a “Consult the Activity” button to find out more.

The user is then taken to a spoofed Google logon page (shown below).

2-5-19 - phish-2
 

Random text in the URL

The kicker is that instead of seeing the mediacity.co URL, the cybercriminals use Google Translate to display the page, taking advantage of the random text Google uses, filling up the URL bar and obfuscating the malicious domain.

This type of campaign, given the specific execution, seems rather well-thought out. As long as the victim has a Google account and does not check the from address in the original email, there’s a solid likelihood they will fall prey to this scam, providing their Google credentials.

Google has since blocked the site

Cybercriminals are constantly looking for new ways to compromise both online and on-premises credentials – as they provide the means to access data, applications, and resources useful to further a criminal campaign. Organizations need to educate users with Security Awareness Training to be watchful for phishing and online scams, providing detail on what to look for, and how to avoid becoming a victim.

Cyber Safety Net is a KnowBe4 partner. Reposted with permission from https://blog.knowbe4.com/new-phishing-attack-uses-google-translate-to-spoof-login-page-and-fool-victims. Cyber Safety Net – Keeping you safe online. See https://cybersafetynet.net/cyber-security-awareness-training/ to train and strengthen your human firewall. See https://youtu.be/UFpFesrcnvY and https://www.knowbe4.com/security-awareness-training-features/ to learn more.