iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Spammers Shield Junk With Google Docs
Search:
[ insider_reports_insider ]

Spammers Shield Junk With Google Docs



David Utter
Staff Writer
2008-06-17

SecurityProNews: Insider Reports Insider Reports RSS Feed


Another tool in the arsenal of spammers comes courtesy of a well-meaning service from Google.

Spammers Shield Junk With Google Docs
Spammers Shield Junk With Google Docs

Criminals repeatedly show they will take advantage of whatever is given to them. The latest example comes from the use of Google Docs as part of a spamming campaign.

Security vendor McAfee said spammers have been using Google Docs for simple hosting of their messages. Their spam contains links to a Google Doc, which likely doesn't get picked up as a possible spam site by security software.

On arriving, the visitor finds the usual junk message and its enticements to spend money on pharmaceuticals, penny stocks, or whatever the flavor of the week is from the spammers. McAfee isn't finding much of this spam so far, with only a little over 500 messages linking back to a Google Docs page.

However, with Google as part of the domain name, people may be inclined to trust a link they normally should ignore and delete as quickly as possible.

We've seen another example of Google's good name being co-opted by criminals for their gain. The 'Feeling Lucky' button takes a person doing a search query to the top result for their request.

Spammers created sites that would be the only response to a given, exact query on Google. They could create a link through the Feeling Lucky option that presents the visitor with a list of Google search results, of which only their crafted link appears.

In a spam, the link to that "Google search result" arrives at a perfectly legitimate page. Clicking through the link sends the visitor to the spammer's site; it could lead to an attempt to scam someone with a penny stock pump-and-dump, or even lead to a possible malware infection.

Security pros should remind people that an unsolicited email, even with a safe-looking link included, should be treated like any other suspicious message, by deleting it immediately.


About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds