The Latest in IT Security

Your Google+ Invite May be Spam


We have recently observed a run of spam that is trying to capitalize on the new social networking platform provided by Google, named Google+. The spam samples are similar to other social network spam messages, which are discussed in one of our previous blogs. Currently, Google is trialing their new venture with limited users; therefore, participation is by invitation only. Hence, it is expected that we’ll see bogus Google+ invites distributed as spam in the wild.

The message in this latest spam campaign looks like a legitimate invite from an already registered user, and it provides an invitation link. However, if one takes even a cursory glance at the URL in the status bar, it shows that the link doesn’t relate to Google in any way.
The headers in the spam samples are as follows:

Subject: Welcome to the Google+ project
From: [removed] (Google+) <[removed]>

The invitation link directs users to a Canadian pharmacy website, as shown in the image below:

Spam targeting social networks is not new. It is likely that this is another addition to the list of social networks that spammers wish to exploit. We expect a growth in “invite” spam or phishing attacks directed at users who are interested in obtaining a Google+ account. In spam and phishing cases such as this, please check any URLs provided in messages before clicking on any link. Please also ensure that you are certain the requester is a known friend and that the invitation is legitimate—before clicking the link. We are monitoring this attack to keep our readers updated.


Note: Thanks to Saurabh Kulkarni for contributed content.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments