Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Google Alert Scam Sends Fake Data Breach Notifications Embedded with Malware

Date: 06/18/2020

A recent Google Alert scam has caught the attention of many. Google Alerts recently caught fraudsters trying to push fake data breach notifications for big-name companies in an effort to distribute malware and damage people’s computer networks. According to Bleeping Computer, fraudsters have been mixing black-hat SEO, Google sites and spam pages to direct users to dangerous locations based on data breach information.

Google Alerts is designed to send notifications to people who sign up for specific keywords monitoring and provide search results. As part of this Google Alert scam, fraudsters were able to create pages and use compromising websites to combine “data breach” with well-known brands. Bleeping Computer reports that some of those well-known brands include Chegg, Canva, EA, Dropbox, Hulu, Shein, Ceridian, PayPal, Target, Hautelook, Mojang, InterContinental Hotel Group and Houzz.

In the Google Alerts, fraudsters offer giveaways and download offers, which leads to the dangerous malware. The threat actors are also believed to have used the Google Sites tool to build webpages to host their content. Bleeping Computer says they found that the scammers were pushing unwanted search-related extensions. As part of the Google Alert scam, malicious links were also believed to be sent to people with an iPhone 11 device for a fake giveaway. It claimed to be set up by Google as part of a “Membership Rewards Program” and the offer said the gift was “exclusively and only for Verizon Fios users.” Users had to fill out a survey, allowing scammers to get their money. Browser extension scams can pose a risk to browsing privacy because malware can be used as part of this method.

Consumers who use Google Alerts should be aware of this particular scam; going directly to the source (the purported breached entity) instead of clicking on an unknown link. The Identity Theft Resource Center has been tracking publicly-notified data breaches since 2005 and has the most comprehensive and the most readily available data breach information for publicly-notified breaches. For any consumer that wants to fact check about the latest information regarding a publicly reported breach is encouraged to access our resources to confirm any new circumstances. Consumers can sign up for the monthly data breach newsletter, as well as view monthly and yearly data breach reports.

Anyone who believes they might have fallen victim to a Google Alert scam can live-chat with an ITRC expert advisor, or can call toll-free at 888.400.5530.

You might also like…

YEARS OF FORMJACKING LEADS TO BOMBAS DATA BREACH

CREDIT REPORTING AGENCIES ANNOUNCE FREE CREDIT REPORTS EVERY WEEK THROUGH 2021

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.