Google Alert is being used to spread malicious code

Google Alerts is a free Google service that allows users to track certain search results related to certain keywords via email. Recent research shows that hackers are using this service to spread malware.

At first, hackers used dirty SEO and spam sites to spread and disseminate information about big name companies leaking data. In this way, the fake notifications about EA, Dropbox, Hulu, PayPal . leaked data will be notified to users by Google Alerts themselves.

And of course, along with the notifications in Google Alerts are malicious links. When clicking on the link, users will download malware, viruses, tracking software. These actions are run in the background and the user is unaware and what they see after clicking can be an error site or filled with text. Only a handful of links lead users to fraudulent websites to steal sensitive information.

Hackers use the same websites they hack as keyword spam tools for dirty SEO campaigns. Security researchers said they discovered a hacked website had a folder containing about 2,000 text files with dirty SEO keywords. When a user searches on a certain issue, the site of the hacker always appears at the top of the search page and will most likely be clicked.

Besides hackable websites, hackers also create spammy sites themselves using the free Google Sites tool. When users click on the link of one of the fake sites mentioned above, they will be redirected to many other addresses before reaching the destination page.

Hackers also use fake Adobe Flash update notifications to spread malicious code. These fake notifications appear both on Chrome and Firefox. Pages giving gifts and fake promotions are also used to lure innocent users.

To avoid falling victim to online attacks, users should check the links before clicking. Besides, you should keep in mind that things that are so interesting online are often not real.