Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Phishing

Spammers use Google Translate to Bypass Filters

Clever spammers have come up with a way to bypass email filters in order to send Pharma-themed junk messages. The process is done in stages, using a legitimate URL shortener, Google’s translation services, and compromised domains.

Clever spammers have come up with a way to bypass email filters in order to send Pharma-themed junk messages. The process is done in stages, using a legitimate URL shortener, Google’s translation services, and compromised domains.

Researchers at Barracuda Labs have detected a large amount of spam hitting inboxes, and after some research discovered why; someone discovered that Google is often whitelisted. That’s not the news though, because some of the more clever anti-spam products scan the message itself and rank the reputation of links inside – so Pharmaceutical spam, and other junk messages often fail to arrive.

However, Barracuda says that enterprising spammers are using Google Translate, in conjunction with Yahoo’s URL shortening service and hijacked WordPress installations, to bypass even some of the strictest filters.

“One of the primary reasons that small weakly defended websites are hacked is to install simple redirect code – the spammer takes advantage of the good reputation of the website to evade spam filters, and the hacked website redirects anyone who clicks on the message links to the website that the spammer is promoting,” Barracuda explains.

In the example used for their blog post on the topic, the spammer used Google Translate to point to a URL that was shortened with Yahoo’s y.ahoo.it service. The shortened, and translated link, points to a compromised WordPress blog, which redirects the visitor to a rogue pharmacy website.

“We’ve tested many of these links in the lab, and it appears that Google may be implementing code that defeats framebusting, but our tests are inconclusive. Some links now redirect to google.com, while others still redirect to pharmacy sites. We certainly hope this technique is not discovered by malware distributors,” Barracuda’s blog adds.

It is likely that malware distributors are fully aware of such tricks. But all the same, it’s best to simply avoid links that are delivered via random emails.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Cloud security startup Upwind has appointed Rinki Sethi as Chief Security Officer.

SAP security firm SecurityBridge announced the appointment of Roman Schubiger as the company’s new CRO.

Cybersecurity training and simulations provider SimSpace has appointed Peter Lee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.