Brief: Malicious Web site poses as Google

A malicious Web site poses as Google's Italian site, but attempts to install malicious ActiveX controls on victim's machines and ultimately redirect them to adult content.

A security vendor is warning Web surfers to beware of a malicious Web site that poses as a legitimate Google page.

According to Scotts Valley, Calif.-based endpoint security provider SurfControl, the malicious site spoofs Google's Italian Web site and uses typo squatting, a technique that "mimics a legitimate looking domain and delivers a fraudulent Google page that looks identical to the original."

The fraudulent site attempts to install ActiveX controls on a user's machine. "This will occur automatically if Internet Explorer security settings allow installation of ActiveX controls," SurfControl said in a statement. "Otherwise, the end user will have to accept the installation for the infection to occur. If the ActiveX control is accepted, a number of Trojans are installed, redirecting the homepage to a Web site featuring adult content."

In addition to browser hijacking, SurfControl said the Web site installs a keylogging Trojan that monitors keystrokes and sends information to a remote location. The vendor said it has witnessed incidents where infected machines tried to send out malicious spam emails.

Dig deeper on Web Application Security



Enjoy the benefits of Pro+ membership, learn more and join.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: