Pinkerton Insights Podcast

Open sources reported last week that malicious actors initiated a phishing campaign that uses Google Translate as a facade to steal Google and Facebook credentials. According to experts, the process starts with phishing emails pretending to come from Google with the subject "Security Alert." The content warns about an unverified log-in from a Windows device, and it recommends pressing a button to consult the activity. After the user clicks the link, it will redirect to a Google Translate page that simulates a Google Account log-in. Researchers stated that the phishing page is harder to detect through a mobile browser as it hides better the Google Translate interface and resembles a more legitimate Google Account log-in. If the user enters the information requested, the attackers receive the information via email. Afterward, it redirects to a Facebook log-in page to start the same phishing process. Malicious actors can steal accounts, passwords, and other data related to the person's verification settings such