Hackers disguising malware-ridden links as legitimate Google Alerts

A report by bleepingcomputer, a computer help site, has recently revealed that hackers and fraudsters have been sending out fake data breach notifications holding renowned company names to distribute scams and malware.

These hackers and fraudsters have been using black SEO (a concept used to deliberately mess with search engine indexes), Google Sites, and various spam pages to redirect users to dangerous parts of the internet.

Since Google uses cookies and other user-defined keywords to tailor its alerts to the user’s needs, the service has been unintentionally pushing these scamming websites and malware as legitimate-looking notifications.

According to the report, fake notifications have been seen seemingly coming from websites that have had data breaches in the past; companies such as, “Chegg, EA, Canva, Dropbox, Hulu, Ceridian, Shein, PayPal, Target, Hautelook, Mojang, InterContinental Hotels Group, and Houzz.”

Clicking on any of the links sent through these notifications send the users to pages with, “fake giveaways, download offers for unwanted extensions and malware.” Also, to make it harder for their malicious activities to be detected, these hackers have made it so that navigating directly to their website shows a ‘page not found’ error message or a text-filled page promoting a fake data breach.

The report also informs its readers of a hacked website found containing a directory with 2000+ text files containing specific keywords. This directory allegedly helps these hackers by using black SEO to increase the ranks of these pages so that they show up higher up on the list in Google search results. Google Sites, a free and easy-to-use website generation tool, is also being used by these hackers to generate their own websites.

Google has been alerted of this security threat and users have also been warned to think twice and verify the credibility of each notification before clicking on it.