Crooks 'Launder' Spam Emails Using Google Translate
CREDIT: Google, Inc.
Hackers are well-versed in taking advantage of people's trust for reputable sites, but it turns out that they can also play on the sympathies of email clients. By hiding malicious links in Google Translate, hackers can fool spam filters into allowing messages through to an inbox, and users into clicking on them.
The emails themselves are not especially clever or likely to fool anyone, relying on the standard poor grammar and spurious claims of cheap drug prices, according to research from the Barracuda Labs Internet Security Blog. However, just getting into a user's inbox is a triumph for spam artists.
Email clients and providers generally filter out a good deal of spam based on potentially dangerous links. Google Translate, however, is a perfectly safe site, and is more likely to land an email in an inbox than a spam folder. Unfortunately, spammers know this, and can use Google Translate to make a "translated" version of the webpage. This feature is incredibly useful when trying to read a press release in Japanese, but considerably less so when it bypasses email safety protocols to hide a malware-infested junk site.
Worse still, the infected pages employ a technique known as "frame busting." If a consumer translates a page, there is usually a Google bar on top, which shows it has been translated and offers additional options. Once users reach the first page, it automatically launches a second page — for bogus pharmaceuticals, for instance — without Google Translate's restrictions. [See also: Spam: What It Is, and How You Can Stop It]
Google Translate is only the latest weapon in spammers' arsenals when it comes to hiding harmful links. Yahoo offers a similar service, which shortens URLs for Twitter and other short-form Web communications. A shortened URL is not necessarily suspicious, especially when it links back to a Yahoo site, which makes this kind of deception particularly troubling. Spammers use this service in conjunction with the Google Translate trick.
Avoiding the tainted sites is easy, as the emails still look very much like traditional spam; the only problem is that they may arrive in your inbox instead of your spam folder. Manually deleting them may be a nuisance, but chances are good that email providers will discover a fix before too long.