- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

Scammers Take Advantage of Google Maps Redirection Flaw

© AP Photo / Karly Domb SadofGoogle Maps application is demonstrated in New York (File)
Google Maps application is demonstrated in New York (File) - Sputnik International
Subscribe
Security company Sophos has warned that Google Maps users are at risk of being tricked by scammers using an open redirect vulnerability.

According to Sophos researcher Mark Stockley, attackers can exploit a flaw in the mapping software to lure users to shady websites.

In this June 2006 file photo a model monster replica of the legendary sea serpent of Loch Ness, Nessie, provides a photo op for visitors in Drumnadrochit, Scotland - Sputnik International
Don’t Hide It! Google Reportedly Edits Scottish Loch Ness Monster Pics
Security experts say links to dodgy sites are being disguised to look like safe shortcuts to Google Maps. Clicking on such a link, people expect to be sent to Google Maps but instead get redirected to a malicious page offering to buy, for instance, diet pills.

Linking directly to a scam site would result in Google's automated checks refusing the link, so cybercriminals bypass URL shortening service tests and use Google Maps as a legitimate middleman before a completely different website is loaded than the intended one.

READ MORE: ‘Free and Fair Elections' at Risk from Companies like Cambridge Analytica

"The crooks have turned a service designed for shortening and sharing Google Maps URLs into an impromptu redirection service for sharing whatever the heck they like, thanks to an open redirection vulnerability in the maps.app.goo.gl service", Stockley said.

Last month, Google announced its plans to shut down the goo.gl URL shortening service and replace it with Firebase Dynamic Links. But before it happens, scammers still can take full advantage of short links using Google Maps.    

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала