Quickpost this image to Myspace, Digg, Facebook, and others!
We all know that Google, the Mountain View super search giant, communicates with its users by phone or by email every time users have to be informed about important matters. And if the emails’ subject concerns AdWords, Google’s money machine, the message is bound to be important and has to be read as soon as possible. Some Internet users have received recently a "Google" notification asking them to "update their billing information". Hmm, quite weird I would say, Google has never contacted me before in order to request such a thing.
The phishing email
Let’s have a closer look at the email message: it is titled "Please Update Your Billing Information" and seems to be sent by adwords-noreply[at]google[dot]com. The text message reads: "Dear Google AdWords Customer! In order to update your billing information, please sign in to your AdWords account at https://adwords.google.com, and update your billing information." The end of the email, "Sincerely, The Google AdWords Team ," could make you swear that the message came from Google.
The real / The fake page
OK, and now the juicy info. As you can see in the adjacent pictures, the links are supposed to get you to the Google AdWords page. There’s even the https URI scheme meant to represent a secure HTTP connection. However, moving the mouse over the link (without clicking it!), shows the real link in the status bar of your browser/email client: http://adwords.google.com.*****.cn/select/Login/. That’s right, it’s a fake domain hosted in China. Classic, I would say but let’s see some other details.
Clicking on it gets you to a fake Google AdWords website that looks similar to the genuine one. In case you’re one of those naïve folks out there and you simply avoid looking in the address bar, you may be tempted to enter your AdWords information. As you can see by yourself, the address bar reveals the real URL of the website, other than the genuine Google one.
The real / The fake page
Getting back to the https syntax, the website doesn’t really reveal any security measure. Moreover, the real link of the fake website actually contains the http syntax so it’s obvious that leaving the page without entering your information would be a smart choice. But let’s see how this page is different of the genuine Google website. Clicking anywhere on the Google AdWords website brings you the https URI scheme, informing you that you’re 100 percent safe while browsing it. Have a look at the adjacent pictures.
The email claims it was sent by a Google official. However, analyzing the email’s headers proves that the phisher wasn’t too focused on hiding his identity. Beside other information, we got his IP which reveals the fact that the phisher has sent the fake emails from Amsterdam. However, we can’t know for sure if the sender was an infected computer, part of a botnet, or the actual scammer.
I guess it’s obvious that this is just a phishing scheme and a pretty smart one considering the fact that it attempts to trick you by using several genuine-like elements such as the links included in the email address or the message text which may lure you in disclosing your credentials. However, it uses the same classic and old-fashioned phishing techniques like the fake URL and fake website similar to a genuine one.
Firefox already provides protection against the website
So, next time you receive a suspicious website asking for your credentials, do not disclose them unless you check twice that revealing the information keeps you on the safe side; don’t forget to check the links in the status bar BEFORE you click on them; install any security software that may help you in identifying phishing websites; look for the https syntax in the address bar of your browser; contact the service provider just after you notice you’ve been tricked.
While I was writing this article, the Firefox guys have already added protection for the phishing website so every time a Mozilla user visits the page, he’ll get informed that it’s not a genuine one. We’re still waiting to see similar action from Internet Explorer. Hopefully, the page gets shut down as soon as possible.
Saturday, March 22, 2008
Fake Google Email Attempts to Steal Your Money - Extra-care is recommended
Subscribe to:
Post Comments (Atom)
5 comments:
Hi,
Global economies are feeling pain due to USA recession and now major outcomes are coming to prevent slowdown. Still USA is a hub of financial services and most of the banks in USA are bank corrupt now which is effecting every country.
Indian stock market is trading at the almost same levels where it was 2 years back. All gains of 2 years are now washed out in few months. Most of the Indian stocks are trading at there 52 weeks low.
Now investors are thinking that this is the right time to invest there valuable money for value buying still we suggest investors to stay away from market for few more days as still market is in bearish trend and we may witness more downfall before recovery.
For any doubt please feel free to ask us.
Thanks
Regards
SHARETIPSINFO TEAM
Hi,
Global economies are feeling pain due to USA recession and now major outcomes are coming to prevent slowdown. Still USA is a hub of financial services and most of the banks in USA are bank corrupt now which is effecting every country.
Indian stock market is trading at the almost same levels where it was 2 years back. All gains of 2 years are now washed out in few months. Most of the Indian stocks are trading at there 52 weeks low.
Now investors are thinking that this is the right time to invest there valuable money for value buying still we suggest investors to stay away from market for few more days as still market is in bearish trend and we may witness more downfall before recovery.
For any doubt please feel free to ask us.
Thanks
Regards
SHARETIPSINFO TEAM
Hi,
Stock market India is volatile and all those who speculate in market are loosing everyday. Please remember stock market is not for speculation purpose. If one feel investing in stock market is gamble then its better to think again.
One should always note that if they want to invest money they should do proper research be it fundamental research or technical research. Just think how come you can invest
your money without any convincing reason for the same?
Indian stock market is one of the most happening and emerging market. Major Indian stock exchanges are BSE and NSE and both are of world class standards.
So grab good stocks and invest that’s the bottom line.
We hope to see you in major profits.
Regards
SHARETIPSINFO TEAM
Thanks ever so much, very useful article. Great information! Very smart, thanks for kindly sharing it with us. Very well done indeed. If you do not mind, please visit my article related to pandeglang district in Banten, Indonesia at Kenali dan Kunjungi Objek Wisata di Pandeglang or Kenali dan Kunjungi Objek Wisata di Pandeglang and information about district Banten Indonesia Banten dan Kabupaten Pandeglang
Find your great Travel News and sing the songs at Free Song Lyric or you can watch the drama at Korea Drama Online one of great korea drama is A Love to Kill if you go to travel to Indonesia learn Learn Indonesia Language first! And find your home cari rumah or make a blog Belajar membuat Blog find your home again rumah dijual and again at jual rumah then if you want buy a new laptop see the Laptop Price List or you can buy a New Blackberry and then take care your Health & Jewerly.
Post a Comment