A security vendor is warning Web surfers to beware of a malicious Web site that poses as a legitimate Google p...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
According to Scotts Valley, Calif.-based endpoint security provider SurfControl, the malicious site spoofs Google's Italian Web site and uses typo squatting, a technique that "mimics a legitimate looking domain and delivers a fraudulent Google page that looks identical to the original."
The fraudulent site attempts to install ActiveX controls on a user's machine. "This will occur automatically if Internet Explorer security settings allow installation of ActiveX controls," SurfControl said in a statement. "Otherwise, the end user will have to accept the installation for the infection to occur. If the ActiveX control is accepted, a number of Trojans are installed, redirecting the homepage to a Web site featuring adult content."
In addition to browser hijacking, SurfControl said the Web site installs a keylogging Trojan that monitors keystrokes and sends information to a remote location. The vendor said it has witnessed incidents where infected machines tried to send out malicious spam emails.