CNET también está disponible en español.

Ir a español

Don't show this again


Google phishing scam promises a $400 windfall

Aims to trick unsuspecting surfers into giving up credit card data by saying they've won a $400 prize from search giant Google.

Fraudsters are using a promise of a $400 prize from Google as bait in a new phishing scam aimed at stealing credit card data, a security expert has warned.

A fake copy of the Google Web site hosted on a server in the U.S. displays the message: "You WON $400.00 !!!", security monitoring company Websense said in an alert Tuesday. To collect their prize, "winners" are asked to click on to a second page that asks them for their credit card details and address, Websense said.

The fraudulent Web site was advertised in a spammed e-mail message, Websense said. The San Diego-based company's Websense Security Labs has an automated system that scans the Web for malicious sites and sells a product to protect customers against those threats. As with all phishing scams, Internet users in general can protect themselves by being cautious with e-mail and not following links in spammed messages.

Phishing on fake Google

Phishing is a persistent problem, but coordinators in the fight against the schemes recently said their efforts appear to be paying off. A total of 5,259 phishing sites were spotted in August, up substantially from 4,564 in July, according to the Anti-Phishing Working Group. At the same time, the number of spam e-mail campaigns to lure people to phishing sites decreased for the second month in a row, the APWG said.

Scammers have used Google's well-known name before in their schemes. For example, in September a malicious program was discovered that redirected users into clicking on phony search results on fake Google, Yahoo and MSN sites.