The WebsenseR ThreatSeekerR Network routinely monitors search results from Google trending topics. For example, if you were to search for the term “QuickTime” today, the 31st resulting entry would lead to a typosquatted URL, which pulls content from a phishing URL.
Clicking this Google search entry sends you to a fake QuickTime download site.
The “Download Now” button doesn’t take you to the download page for QuickTime software. It directs you to a phishing site instead. This alleged music download site phishes your credit card information on the membership fee payment page. Be aware of the risks of using your credit card on random websites to avoid such phishing attacks.
Websense customers are protected from these threats by ACET, our Advanced Classification Engine.
(Ping Yan – Security Researcher & Stephan Chenette – Principal Security Researcher)
Leave a reply
