The security experts at Akamai have discovered a new phishing scam designed to trick you into revealing your account credentials. This one has a new twist, it uses the Google Translate service.
If you aren’t familiar with Google Translate, it’s a service that will translate text into different languages. It’s very handy and these crooks have tried to make good use of it.
A phishing attack is when hackers send out fake messages designed to look like they’re from a legitimate account like your email, bank, or social media. They contain links that trick you into clicking on fake sites and entering your username and password. The crooks then steal your information and often hijack your account or clean out your bank balance.
Here’s how this one works. They send you an email notifying you that your account has been accessed from an unknown device and give you a link to click on. Being security minded, you might just click on that link. Here’s an example of what the writer at Akamai received. If you look closely you might spot the difference from an actual Google notice, but if you’re in a hurry, you might not.
If you click the button in the notice, you’ll be taken to this site that looks somewhat like a legitimate Google log-in page.
But if you look closely, it’s actually a link to a webpage that’s been translated using Google Translate.
If you entered your email and password in the box shown, you’d have been giving your information to scammers.
But these hackers weren’t just content with stealing your Google credentials. If you fall for the scam, they’ll forward you to a site that looks like your Facebook login and ask you to log in there as well.
If you receive an alert like this, you can verify its authenticity by opening up a browser and going to your Google Security page and checking for yourself instead of clicking on a link.
You can find your Google account security information here: https://myaccount.google.com/security