Google Alerts Used In Malware Scam

It has been reported that hackers have been able to spread malware using fake news stories via the Google Alerts service.

Google Alerts

Launched in 2003, Google Alerts is Google’s content change detection and notification service which sends emails to a user when it finds new results (e.g. web pages, newspaper articles, blogs) that match the search terms that a user has set up an alert for.

The Scam

Recent reports indicate that fraudsters are using fake news stories based around popular keywords to create malicious pages.  When the pages are indexed by Google’s search and appear in users’ Google alerts, users may be tempted to click on them because they trust Google Alerts, and the stories look as though they may be relevant.

The Trap

Clicking on the stories, however, delivers users to the malicious pages/sites which are loaded with malware, browser notification spam, unwanted extensions, and fake giveaways.

Fake Updates For Adobe Flash

Most recently, it has been reported that fraudsters have been using Google alerts to direct users to pages which then re-direct them to a page warning them that their Adobe Flash Players need updating.  Clicking on the fake update link/button delivers malware.

Flaw

One important flaw in this latest scam is that many people may know that Adobe Flash reached its end of life on 31 December 2020 so there can’t be any updates.

Same Thing Last Summer

This is not the first time that fraudsters have tried to ride the coattails of Google’s credibility and use Google Alerts to spread malware.  For example, there were reports in June 2020 that fraudsters were using Google Alerts to spread fake news about data breach notifications, purporting to be from companies like EA, Dropbox, Hulu, and PayPal, to distribute malware and drive users to scams.

What Does This Mean To Your Business?

The basic premise of this latest scam is similar to phishing in that users are being re-directed to fake/malicious pages after clicking on what appears to be a relevant link from (what appears to be) a legitimate company.  The difference, in this case, is that it is more personalised to users because they have set their own Google Alerts, users may be far more trusting of Google alert links (and less suspicious as they may have been if the link had arrived in an email) and Google Alert links may get around some of the protections that normal emails offer. Individuals and businesses should, however, always be vigilant and careful, even with what appear to be trusted links. Keeping anti-virus and software patches up to date can help but if a user ends up at a page that appears suspicious or where there are unwanted pop-ups or downloads, the procedure should be to close the browser window and alert the company IT security team/the person who oversees IT security to make sure that no malicious software has been downloaded.