Fraudsters are utilizing Google Sites, black SEO as well as spam pages for pushing fraudulent data breach notification impersonating huge name firms in an attempt to distribute scams and malware.
As per a BleepingComputer report, it was Google Alerts that help spread these fraudulent notifications while it monitors the search results seeking keywords that are user-defined. In order to spread the malware, these scammers created either pages or utilized compromised sites to combine term info breach with renowned brands.
BleepingComputer has seen fraudulent breach notifications for several firms including Hulu, Dopbox, EA, Target, Mjoang, PayPal and more. But, a common factor among these companies is that they’ve all been a victim of data breach previously.
If one user clicks on any link that Google Alerts picks up, they will end up landing on the pages that have fake giveaways and install offers on unwanted extensions as well as malware. In fact, it’s difficult to detect the malicious behavior as these pages do not really show the real nature of the campaign to the users. Instead they might see ‘page not found’ error or one text-filled webpage developed to advertise fraudulent data breach.
Hence, to stay safe from such scams, make sure that are alert online, particularly when you click on links displayed in the search results.