JAKARTA - Hackers were found disguised as Google Translate to spread the latest phishing campaign, and in the end many victims were successfully molested.
First discovered by researchers from cybersecurity company Avanan, hackers used phishing methods by sending fraudulent emails.
The email claims to have come from the victim's email provider, who stated that if their identity is not confirmed, the user will lose access to the unreaded message.
According to researchers, this is standard practice with phishing emails, due to a sense of urgency that makes people act rashly and then clicks on links or downloads malicious attachments.
To confirm their identities, hackers asked the victim to click on the link provided in the email itself.
When clicked, the victim will be directed to a page that looks like Google Translate.
However, above the page there is a login lock-in box, where the victims must enter their credentials.
The username or combination password entered there will go straight to the hacker.
This attack has unique social engineering at the forefront. It takes advantage of legitimate sites to help get into the inbox. It uses trickery and confusion to confuse security services," explains the Avanan researchers.
Launching TechRadar, Sunday, October 16, researchers stated, the Google Translate page is quite authentic using the JavaCript as well, so it can convince victims.
To survive such attacks, the researchers reminded users to be extra vigilant.
If you find an email demanding immediate action from the user it is most likely a phishing attack and must be handled extra carefully.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
