find us on facebook!

Emex 3

High Speed Verifier
Mailing List Wizard

Outlook Extractors
IMAP Extractors
  

Spammers Misuse Google Translate for Evading Anti-spam Filters


April 8, 2013

According to security researchers from Barracuda Labs, spammers in their latest ruse are using Google Translate to elude anti-spam filters.

Dave Michmerhuizen, Research Scientist as well as Shawn Anderson, Engineer at Barracuda Labs draw attention to the fact that the majority of anti-spam filters are designed for preventing dubious e-mails whose embedded web-links lead to shaky destinations or reputations. However, to avoid this hazard, spammers are utilizing open domain diversions as also web-address condensers taking onto sites that high-status filters don't block, explain the experts.Threatpost.com published this in news on March 28, 2013.

The experts further state that spammers basically hack marginal and poorly protected websites to plant uncomplicated diversion programs. By exploiting a website's high reputation, they bypass anti-spam filters while the hacked site diverts visitors, who originally followed web-links within the spam mail, onto the bulk e-mail distributors' chosen destination, they point out.

Effectively, this ruse is feasible with Google Translate that works like the domain diversion so the majority of anti-spam filters will miss the spam messages that then enter victims' mailbox. For instance, a spam mail shows one web-link embedded that is condensed with Yahoo's URL condensing utility.

Following this web-link takes one onto Google Translate, which hunts the condensed web-address as also accesses its playandstudy.org destination. Playandstudy.org is a Wordpress-based site located inside France and which has been hacked. The site gives back a Russian-language message that means "Redirected to the requested page...." This is exhibited on the Google Translate site within an iFrame, Michmerhuizen and Anderson elaborate. Help Net Security published this in news on March 29, 2013.

Notably, during conclusion of the attack, victims are diverted onto a fake pharmaceutical website.

However, the ruse may fail at times thereby indicating the possibility that Google generates module, which beats 'frame-busting.'

In the meantime, overall, web-surfers require knowing that such extreme acts are being executed for spammers to conceal their malicious activities. Moreover, it is particularly important to remain wary about e-mail links despite the best spam filters deployed on end-users' systems. In fact, such web-links mustn't be clicked, particularly if they get served through uninvited e-mails.

Author:  SPAMFighter

«

 
(c) EMMA Labs, 2024 | No Spam Policy