Google Alerts are being used by attackers to redirect users towards malicious websites

Google Alerts are content to change detection and notification service offered by Google.

Google sends emails or updated RSS feeds when it finds out that there is new content present in the Google search index that is related to the keyword that the user follows. Suppose a user has set Google Alerts for holiday packages. In this case, whenever there is a new activity related to holiday packages, their price, their inclusions, Google will send an email to the particular user.

Now the attacker will target the keyword “holiday packages”, and include it in a site which is malicious and controlled by the attacker. The user will get an alert email as soon as the attacker places this site in Google search index. When the user clicks the email containing a link to the malicious website, he will be redirected to various malicious pages which will be commanded and controlled by the attacker.

Attackers exploit Google Alert by creating malicious pages with popular keywords. These pages are further placed in the Google search index. The most convenient way which the user should opt for is to specify that the alerts should contain only “best results”. Specifying this will lead to the blocking of newly registered and untrusted sites. This feature could result in blocking of a newly registered site which contains good and important content for the user.

Use NPAV and join us on a mission to secure the cyber world!!

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *