:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/KUHPWOKMCRERPJ2FZFTTWGQECM.jpg)
The cybercriminals now they are using the links to Google Translate to spread phishing through email platforms. To do this, they take advantage of the fact that users usually look at the links before entering one, since it is a usual security measure to recognize threats.
“In theory, it could be that the sender of the email is inviting you to visit a site in a different language and is trying to be helpful. In practice, however, this technique is most often used to bypass antiphishing mechanisms”, Kaspersky says in a report.
The cybersecurity company urges you to quickly delete these types of messages. “If the message is part of business correspondence and the site that opens after clicking the link wants you to enter your email credentials, close the browser window and delete the email immediately”, he adds.
LOOK: What happens if your WhatsApp number appears in a data leak put up for sale by hackers?
How are cybercriminals taking advantage of Google Translate?
According to the report, these emails are often related to money. “The senders of the email allege that the attached file is a kind of payment document at the exclusive disposal of the recipient, which must be studied for a ‘contract meeting presentation and subsequent payments’. The ‘Open’ button link points to a site translated by Google Translate. However, this becomes clear only by clicking on it”, indicates.
Although these messages have not been sent manually, they do use legitimate email services, SendGrid being the one used in the investigated campaign. “Services of this type usually protect their reputation and regularly remove phishing email campaigns and block their creators. That is why attackers run their links through Google Translate: ESP’s security mechanisms see a legitimate Google domain and don’t consider the site suspicious. In other words, it is an attempt to not only fool the end user target, but also the intermediary service filters.”, he assures.
That is, taking advantage of the fact that Google has a website that translates entire pages, the link changes. “Google Translate [Traductor de Google] allows you to translate entire websites by simply passing it a link and selecting the source and target languages. The result is a link to a page where the original domain has a hyphen and the URL is supplemented with the translate.goog domain, followed by the name of the original page and keys indicating which languages the translation was made into”, concludes the company.
In this way, they circumvent the antiphishing systems of email platforms and also users, since the name of Google generates trust in most people. Thus, to prevent these types of threats, users should look for other indications that the message is from a cybercriminal and not just check the link.
Source: Elcomercio
I have worked in the news industry for over 10 years. I have a vast amount of experience in writing and reporting. I have also worked as an author for a number of years, writing about technology and other topics.
I am a highly skilled and experienced journalist, with a keen eye for detail. I am also an excellent communicator, with superb writing skills. I am passionate about technology and its impact on our world. I am also very interested in current affairs and the latest news stories.
I am a hardworking and dedicated professional, who always strives to produce the best possible work. I am also a team player, who is always willing to help out others.
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/X6YAWAFREBEPTJYPJGCVOWL3LM.jpg)
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/KEUASNGDRFBJFC7HCSINB4Q3WA.jpg)
