We already have witnessed the innovativeness of criminal hackers in exploiting various services to bait users. From regular email phishing to tech support scams, the hackers leave no stone unturned to conduct their nefarious activities. Once again, a similar venture has made it to the news. This time, the scammers exploit Google Alerts to trick users.
Scammers Exploit Google Alerts
According to BleepingComputer, a new phishing scam is in the wild. This time, the scammers exploit Google Alerts – a service that updates users as per their interests.
Google Alerts work by notifying users whenever a new page (potentially) of their interest appears online. These notifications can either reach the user via emails or RSS feed.
As per the details revealed, the scam exploiting Google Alerts services involves the appearance of malicious web pages on Google search. As these pages appear into the Google search index, they eventually make it up to Google Alerts too.
Subsequently, users are likely to click on these links considering them relevant to their interest. Then, it is also possible that the users fall prey to the underlying tech support scams or phishing scams. As stated by BleepingComputer,
When a user clicks on a link through a Google Alert or via the Google search engine…, they will be redirected to a malicious site.
This scam is going on for quite some time targeting various niches such as TV, movies, fashion, or even ransomware.
Configure Google Alerts In The Right Way
While one cannot certainly stop the appearance of fake, malicious or spam web pages on Google search, a regular Google Alerts’ user can certainly figure out a safe way.
Precisely, users can limit the RSS feed or alerts to reputable websites only. In this way, they will not receive alerts for low-quality links or spam web pages. To do so, simply select the “Only the best results” option in Google Alerts Settings, as shown below.
Make sure to never to click on any offers, coupons, or tech support links from untrusted sources. Likewise, never share your personal, business, or financial data with any website that you reach via indirect means such as email or referral links.