A fake copy of the Google Web site hosted on a server in the U.S. displays the message: "You WON $400.00 !!!", security monitoring company Websense said in an alert Tuesday. To collect their prize, "winners" are asked to click on to a second page that asks them for their credit card details and address, Websense said.
The fraudulent Web site was advertised in a spammed e-mail message, Websense said. The San Diego-based company's Websense Security Labs has an automated system that scans the Web for malicious sites and sells a product to protect customers against those threats. As with all phishing scams, Internet users in general can protect themselves by being cautious with e-mail and not following links in spammed messages.
Phishing is a persistent problem, but coordinators in the fight against the schemes recently said. A total of 5,259 phishing sites were spotted in August, up substantially from 4,564 in July, according to the Anti-Phishing Working Group. At the same time, the number of spam e-mail campaigns to lure people to phishing sites decreased for the second month in a row, the APWG said.
Scammers have used Google's well-known name before in their schemes. For example, in Septemberinto clicking on phony search results on fake Google, Yahoo and MSN sites.