Fake Google Toolbars Go Phishing
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Fake Google Toolbars Go Phishing

Written By
Ben Charny
Ben Charny
Oct 5, 2005
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

An Internet security specialist says a new threat forces computers to install faked Google software, which then goes phishing.

Phishing is where e-mails, IM (instant messages) or Web sites parody a legitimate company, and try to get users to provide personal information or financial account numbers and passwords.

The latest cases involve bogus Google software spread via IM, and appear to be a variety of the infamous CoolWebSearch phishing scheme, according to Foster City-Calif.-based FaceTime Security Labs. CoolWebSearch has never been spread via IM before.

In the recent cases, IM users unwittingly download a rogue tool bar, which is installed on a Web browser and provides easier access to an Internet search provider.

Tool bars also contain measures to block pop-up advertisements.

/zimages/6/28571.gifRead morehereabout new developments in tool bars.

The only working feature on the fake Google Toolbar saves credit card details, according to Christopher Boyd, the security research manager of Foster City, Calif.-based FaceTime Security Labs. A bevy of others, including one to “enable pornographic ads,” do not work.

IM is increasingly a target of phishers, as the latest attacks show.

Some IM-related attempts date back to 2003.

Most recently, in early March, Yahoo Inc. confirmed that some of its Yahoo Messenger customers received a message that appears to be coming from a buddy-list contact.

Users can be lulled into directing a Web browser to a Yahoo Web page requesting log-in information for Yahoo accounts, according to an analysis by Akonix Systems Inc.

The cases in point appear similar to a rather infamous method of hijacking Web browsers known as CoolWebSearch, Boyd adds.

Instant messaging is increasingly a target of phishers, as the latest attacks show.

Some IM-related attempts date back to 2003. Most recently, in early March, Yahoo Inc. confirmed, came under attack through Yahoo Messenger, its IM service.

In the attack, users receive an IM message that often appears to be coming from a buddy-list contact.

The IM attempts to lull users into clicking on a URL, which then takes them to a spoofed Yahoo page requesting login information for their Yahoo accounts, according to an analysis by Akonix Systems Inc.

/zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

Ben Charny
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information