Cybercriminals are using a loophole in Google’s Web site to redirect unsuspecting Web users to malicious Web sites that try to install malware.
McAfee Avert Labs has spotted spammed HTML-formatted e-mails that include a link that appears to point to Google, but actually sends Web users to malware-laden Web sites.
“Although this type of technique is not necessarily new, the problem is that Google is not preventing the redirects to such sites,” McAfee Avert Labs Researcher Vinoo Thomas writes on the Avert Labs blog.
The scam takes advantage of a so-called open redirect on Google’s Web site. An open redirect is a page that forwards visitors to whatever destination is named in its URL without checking it, which lets anyone craft a link that, to the untrained eye, looks like it goes to the search engine but actually goes elsewhere on the Web.
Open redirects are all too common on the Web. Phishers have taken advantage of such redirect links on major Web sites such as Yahoo and Microsoft's MSN before. Now it is Google, and the links point to actual malware, meaning that after a click, malware will try to install itself.
The redirects could be prevented, Thomas writes: “Google must be aware of this redirect abuse, and it’s hard to understand why they don’t prevent these redirects working for known bad file types or for spam and malware sites.”
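The two sides of the problem described above, written as an added example that is not code from McAfee, Google or the article: a mail-filter check that flags links which use a trusted host only as a hop to another site, and the server-side validation a redirect endpoint would apply so it stops forwarding off-site. The host name, endpoint path and parameter names are assumed placeholders, and the sample links are constructed.

```python
from urllib.parse import urlparse, parse_qs, unquote

# Constructed placeholder for the trusted site; the article names no endpoint.
TRUSTED_HOST = "search.example.com"
# Parameter names commonly used to carry a redirect target (assumption, not from the article).
REDIRECT_PARAMS = ("url", "q", "redirect", "next", "dest")


def is_off_site(target: str, trusted_host: str) -> bool:
    """Return True when following `target` would leave trusted_host.

    Covers absolute URLs, scheme-relative '//host' forms, userinfo tricks such as
    'https://trusted@evil', backslash variants that browsers normalise to '/', and
    non-http schemes (javascript:, data:) that a redirect should never emit."""
    t = unquote(target).strip().replace("\\", "/")
    if t.startswith("//"):
        return True                      # browser fills in the scheme and goes to the next host
    parsed = urlparse(t)
    if parsed.scheme:
        if parsed.scheme not in ("http", "https"):
            return True                  # javascript:, data:, file: ... never acceptable
        if not parsed.netloc:
            return True                  # 'http:evil.example' is treated as a host by browsers
    host = (parsed.hostname or "").lower()
    if not host:
        return False                     # plain relative path stays on the trusted site
    return host != trusted_host.lower()


def flag_redirect_link(link: str, trusted_host: str = TRUSTED_HOST) -> dict:
    """Mail-filter view: does this link use trusted_host only to bounce elsewhere?"""
    parsed = urlparse(link)
    if (parsed.hostname or "").lower() != trusted_host.lower():
        return {"suspicious": False, "reason": "not a link to the trusted host"}
    params = parse_qs(parsed.query, keep_blank_values=True)
    for name in REDIRECT_PARAMS:
        for value in params.get(name, []):
            if is_off_site(value, trusted_host):
                return {"suspicious": True, "reason": f"{name} forwards to {value}"}
    return {"suspicious": False, "reason": "no off-site redirect parameter"}


def safe_redirect_target(value: str, trusted_host: str = TRUSTED_HOST, fallback: str = "/") -> str:
    """Server-side mitigation: only honour targets that stay on the trusted site."""
    return fallback if is_off_site(value, trusted_host) else value


if __name__ == "__main__":
    # Constructed sample links of the kind found in a spammed HTML e-mail.
    for link in ("https://search.example.com/redir?url=https://evil.example/setup.exe",
                 "https://search.example.com/redir?url=/maps"):
        print(link, "->", flag_redirect_link(link))
```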