Fake Data Breach Notifications From Google Alert Leads to Malware

Do you like getting notifications about topics that matter to you? If you employ Google Alerts, you probably know what it feels like to wake up to an inbox full of exciting notifications on various topics. However, just because the service is useful and reliable, it doesn’t mean that you should click on every single notification without any second thought. Why? Because there’s been an onslaught of fake data breach notifications lately, and some of them make use of the Google Alerts engine to reach their targets. We would like to draw your attention to this issue and, hopefully, it will help you secure your personal information against various threats.

What is Google Alerts?

If you don’t use Google Alerts, and you’re just reading this entry to find out more about the issue, we can use this section to inform you that Google Alerts is a service. As you can tell from the name, it is offered by Google and it employs Google’s search engine to provide you with the content. The service uses the search engine data to detect changes in certain topics and search terms. Service users can create their own alerts, by determining the search term they want to monitor.

Consequently, new results are sent to subscribed users by email, and therefore, there is a good chance that users do not think twice before clicking a Google Alerts email because they configure the search keywords themselves. This way, cybercriminals have a chance to exploit this service if they invest enough into putting their content out there.

Fake data breach notifications

When cybercriminals manage to exploit Google Alerts to reach their potential victims, fake data breach notifications land in someone’s inbox, just like any other Google Alerts email. It looks like those emails want to inform the user about the latest security news related to big-name companies. The company names used in this scam include EA, Dropbox, PayPal, Target, Mojang, Ceridian, and several others. By using these popular titles, scammers basically cast a huge net, hoping that the big scope would allow them to catch someone.

And if someone is really checking all the alert messages they receive, they might open an email about data breach, too. Now, what happens when this fake data breach email reaches you and you open it? These emails are used to distribute scam and malware. Therefore, there are bound to be more than just one scam using the same technique. In other words, the links that come with those emails could take you to different places.

Where do the fake data breach notifications lead me?

There is a difference when you paste the link from the notification straight into your browser and when you click the link within the email. Pasting the link into your browser would most often result in some kind of error. Most of the time, it will be the “page not found” error. In some cases, you might also see some text that talks about a non-existent data breach. However, opening these links directly shouldn’t do much damage. The problem arises when users actually click on the links when they are embedded in the notifications.

Depending on the type of scam that users encounter, clicking on the embedded link can redirect them through several websites until they finally land on a fake giveaway page, a fake extension distribution source or some download offer site.

We would like to point out that NOTHING comes for free, so even if you don’t realize that you were exposed to the fake data breach notification scam, it still should ring a few alarms in your head, when suddenly someone offers you something for free. What’s more, it should be obvious that you should NEVER download software from unfamiliar third-party sources. If you want to try out a certain application, you should look for the official vendor’s website instead. By adding an extension to your browser through this redirection link, you would be exposing yourself and your information to potential data collection.

Quite often, extensions are harmless applications, but they could be used to read your browsing history as they tend to employ tracking cookies and other data collecting methods. This doesn’t mean that your personally identifiable information gets stolen automatically, or that you are about to get infected with malware. It might take quite some time before that happens, but you do make it easier for cybercriminals to reach you, if you interact with fake data breach notifications.

How big is the scope of this scam?

We mentioned about these criminals casting a big net, and that’s exactly what we meant. The directory of hacked websites that are used in this scam includes entries on multiple topics. The subjects vary from firmware to libraries and street lighting design, and it takes someone to google the topic for the scammers’ results to rank higher on the list. The higher they rank, the bigger is the chance that someone would access the content directly or through Google Alerts notifications.

It is also relatively easy for them to grab their target’s interest. After all, the links could lead to an online survey that the victims have to complete in order to get some “gift” (again, nothing comes for free!). Users could also see a pop-up that urges them to update their Adobe Flash plug-in, and if you don’t know that the browser support for this plug-in will stop in December, 2020, you might think that you’ve skipped your regular update reminder, and click it.

All in all, it is quite easy to avoid the damage that can be caused by the fake data breach notifications from Google Alerts. As long as you don’t click the links, you’re safe. However, don’t forget to check your system’s security status once in a while, by scanning your computer with a licensed antispyware tool. Also, just like you update your programs, you should regularly update and renew your passwords with a reliable password manager because it minimizes the risk of a potential data breach.

By Foley
October 13, 2020
October 13, 2020

Leave a Reply