[Full-disclosure] phishing attacks against ISPs (also with Google translations)
ge at linuxbox.org
Fri Mar 27 01:35:30 GMT 2009
> Dear Gadi,
> On Wed, Mar 25, 2009 at 9:40 AM, Gadi Evron <ge at linuxbox.org> wrote:
>> While we have seen ISP phishing and Hebrew phishing before, these
>> attacks started when Google added translation into Hebrew.
> How exactly did you establish such a certain connection between
> Google's Hebrew translation service's debut and these phishing attacks
> you're referring to?
> If you're going to provide us with dates, please point out trustable
> probative sources.
Dear Mr. M.B.Jr.,
While I cannot show conclusive evidence between the two concurrent
events, the causality in this case seems pretty obvious for the
1. The two (phishing and translation module) occurred at around
the same time frame.
2. Previously, this was not happening.
3. The imperfect Hebrew looks like a machine translation.
4. In fact, the only new element I can discern being added to
the game was the new Google module.
Google is not at fault, they provide a valuable and good service.
Criminals abuse the same tools we use.
I concede that it is not outside the realm of possibility some crappy
Hebrew translator suddenly started working with the phishing gangs, but
it doesn't seem likely.
Conversely, do note I did not state it was Google's translation engine
that was abused, but rather asked if others see this as well and can
confirm. I say it now, it is the most likely conclusion.
I'd be happy if someone has other ideas to help us reach a better
Full-Disclosure is hosted and sponsored by Secunia.