Cyberattackers Spoof Google Translate in Unique Phishing Tactic
The campaign uses a combination of tactics to fool both end users and email security scanners.
Attackers are spoofing Google Translate in an ongoing phishing campaign that uses a common JavaScript coding technique to bypass email security scanners. Leveraging trust in Google Translate is a never-before-seen approach, researchers said.
Researchers from Avanan, a Check Point Software Company, uncovered the campaign, which uses the coding technique to obfuscate phishing sites to make them appear legitimate to the end user as well as fool security gateways. The phish also uses social engineering tactics to convince users they need to respond quickly to an email or face having an account closed, according to a blog post published today.
The messages direct a user to a link that directs them to a credential-harvesting page that appears to be a legitimate Google Translate page, with a pre-populated email field that requires only that a person enter his or her password to log in.
The campaign is an example of a number of current, increasingly more sophisticated tactics that threat actors are using in contemporary phishing campaigns to fool both more savvy end users who have become familiar with malicious tactics, as well as email scanners that delete suspicious messages before they get through, noted Jeremy Fuchs, an Avanan cybersecurity researcher and analyst.
"This attack has a little bit of everything," he wrote in the post. "It has unique social engineering at the front end. It leverages a legitimate site to help get into the inbox. It uses trickery and obfuscation to confuse security services."
"Urgent Plea"
Researchers observed a Spanish-language email being used in the campaign, which begins — as most phishing messages do — with social engineering.
In this case, hackers make an "urgent plea" for a user to confirm access to his or her account by informing them that they are missing out on important emails and have only 48 hours in which to review them before they will be deleted.
About the Authors
You May Also Like