Bogus Google Translate lookalike pages are being used in a credential theft campaign.
Google Translate spoofed for credential harvesting.
Researchers at Avanan describe phishing emails that are impersonating Google Translate in order to steal users’ email credentials. The emails inform users that they have pending incoming emails, and they’ll need to confirm their account within 48 hours in order to receive the emails. If the user clicks the link in the emails, they’ll be taken to a phony Google Translate page with a login field.
The phishing page looks fairly convincing, but users should note that the phishing page’s URL looks very suspicious, even though it ends with “translate[.]goog.”
Avanan offers the following advice to help users avoid falling for phishing scams:
- “Always hover over URLs to ensure the destination is legitimate
- “Be sure to pay attention to grammar, spelling and factual inconsistencies within an email
- “If ever unsure about an email, ask the original sender”