Jitenda Sarda of Symantec's Security Response blog points out that spammers are now masking junk URLs with authentic-looking Google search strings:
The stunt also involves simulating Google's "Feeling Lucky" button, to make sure that when someone clicks the URL they go to precisely the site that the spammer wants.
The blogger ShoeMoney noticed the tactic earlier this week, and suggests it opens the door to even more ways to exploit the search engine. "So Google is passing a 302 redirect for this link. But its also dropping the full Google Cookie. . . I gotta ask myself besides fooling search engines what other bonuses could there be for exploiting this flaw in the Google search string."
Plenty, as the blogger then describes.
At a time when Google is moving at break-neck speed into social networking, and the cell phone business, Symantec is pointing out what's at least a minor exploit in the company's core business.
related stories
Video
trending stories
sponsored resources

Veeam
Veeam

Cato Networks
SASE & SD-WAN 360

Channel Chief Showcase

CRN Showcase

APC by Schneider Electric
Digital Services for Edge Learning Center

Acer
Remote Workforce 360

Cradlepoint
5g for Business 360

Smart 3rd Party
3rd Party Maintenance 360

Trend Micro
Trend Micro Learning Center

Partner Program Guide Showcase

Hitachi Vantara
Hitachi Vantara

Sophos
Sophos Cybersecurity Learning Center

Cyber Protection 360

SentinelONE
EndPoint Security 360

Comm100
Collaboration & Communications 360

VMware

HubStor
Cloud Backup 360

Wasabi
Wasabi

Cysurance
Cyber Insurance 360

Dell Technologies
Microsoft HCI Solutions from Dell Technologies Learning Center

Dell Technologies
Dell Technologies Storage Learning Center

Dell Technologies
Dell Technologies Server Learning Center

Dell Technologies
Dell Technologies Cloud Learning Center

Sherweb
Sherweb

Carbonite
Cloud Storage 360

Comcast Business
Comcast Business Learning Center

iboss
Cloud SASE Platform 360

Terranova Security
Cybersecurity 360

CyberPower
CyberPower

N-able
MSP Automation Solutions 360

eSentire
Managed Detection and Response 360

EPOS
EPOS

NPD
Industry Trends 360

Vertiv
Edge Computing Learning Center

Webroot
Webroot Learning Center

Tenable
Cyber Risk 360

BlackBerry
BlackBerry Learning Center

Fujifilm
Fujifilm

Vonage
Vonage
