Spammers bypass spam filters with Google Translate links
Posted on 29 March 2013.
Google Translate is the latest trick in spammers' arsenal for bypassing email spam filters, warn Barracuda Labs researchers.


Spam filters work by evaluating (among other things) the reputation and the destination of links included in emails, so spammers are attempting to bypass the filters by making the first "jump" to a instinctively trustable Google domain, and then to a poorly maintained URL shortener.

"Clicking on the link sends us to Google translate. Google translate fetches the shortened URL and follows it to playandstudy.org, a hacked wordpress-based website in France. Playandstudy.org returns Russian text that translates to "Redirected to the requested page..." and Google translate displays that on its page in an iframe," the researchers explained.

The attack ends up with the user finally being redirected to a rogue pharmacy site.

The researchers point out that the trick does not work all the time, making them believe that Google may be implementing code that defeats "framebusting". In any case, users are advised not to inherently trust similar links, especially when they are delivered in unsolicited emails.









Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //