Fake Google Translate site becomes a tool for phishing campaigns

October 19, 2022
Google Translate Fake Website Phishing Cyber Threat Campaigns

Google Translate has become the latest vector for phishing campaigns as threat actors are spotted using the popular tool to bypass email security scanners. In this identified campaign, the operators used a coding technique to disguise the phishing websites as legitimate. The operators also employ social engineering tactics in convincing victims to respond to their emails.

The email sent to the victims includes a message directing them to a link that opens a fake Google Translate page where their credentials are bound to be harvested. The victims are then asked for their passwords on the malicious page to proceed since the email field on the form has already been typed in.

 

Hackers using fake Google Translate sites are only one of the many sophisticated tactics for modern phishing campaigns in the wild.

 

Experts explain that hackers using Google Translate as a lure for phishing campaigns is a tactic to trick users, even those familiar with suspicious phishing tactics, into becoming victims. These new tactics also aim to bypass email security measures that detect and delete suspicious email messages since the Google Translate tool is a trusted platform for many.

One of the campaigns observed that utilised this tactic is a Spanish-themed email that begins with social engineering. The hackers were seen pleading with the recipient to confirm access to their account about important email notices and that they only have 48 hours to act before their account gets deleted.

The security experts said the email’s content is compelling, and its urgency could force someone to act immediately. Furthermore, the link the victim could open displays a convincing Google Translate replicated page that people could easily mistake as real. Although if a user observes more closely, the URL of the opened page is completely different from the authentic site address of those from Google.

Closer investigations of the fake page will further reveal more clues that indicate its inauthenticity, including its HTML background codes. Thus, people who receive such email messages should be more vigilant as threat actors attempt to be more deceitful in their phishing operations.

Phishing tactics are still actively operated by phishers in the wild, including the new fake Google Translate campaign. The wisest countermeasures against these malicious campaigns are still avoiding opening links from unknown senders, avoiding entering sensitive data on suspicious sites and forms, and reporting phishing attempts to authorities.

About the author