Cenzic 232 Patent
Paid Advertising
web application security lab

Google Redirects Help Phishers Again

The site is down now, but I got yet another phishing email using Google redirection to hide the real address that the user is being forwarded to. Sorry for the super long line (had to break it up): http://www.google.com/pagead/iclk?sa=l&ai=Br3ycNQz5Q-
fXBJGSiQLU0eDSAueHkArnhtWZAu-FmQWgjlkQAxgFKAg4AEDKEUiFOVD-
4r2f-P____8BoAGyqor_A8gBAZUCCapCCqkCxU7NLQH0sz4&num=
5&adurl=http://211.240.79.30:2006/www.paypal.com/webscrr/index.php

Google has been notoriously bad about fixing these issues, even after admitting a few times that it was an issue. As a matter of fact I don’t know of a single example of where they really have fixed these issues at all, other than blocking a single URL. Not a great track record. The reason being it’s far too difficult to fix them than to leave them there, even if it hurts their consumers, and their own brand in the process. Anything for a buck, I guess.

One Response to “Google Redirects Help Phishers Again”

  1. TerrorBite Says:

    I just clicked on that link, and I was taken to the following page, which I assume is a Google page (text between [] were hyperlinks):

    Redirect Notice
    The previous page is sending you to [http://211.240.79.30:2006/www.paypal.com/webscrr/index.php].

    If you do not want to visit that page, you can [return to the previous page].