Security Alert: Fake Search Engines

27th January, 2017 by

When it comes to online safety, there are a number of tricks and scams that most regular internet users know to watch out for so that their personal data or privacy isn’t breached online. The usual precautions include not clicking on attachments in emails that seem suspect or are from an unknown sender, vetting the legitimacy of an app before downloading it, and declining to enter personal information on sites where it clearly shouldn’t be necessary to do so.

Because the publicity around these issues has been so strong, many people have adapted their habits accordingly. Thus, in order to keep doing what they do, scammers have had to find new ways to take advantage of internet users who are too trusting or not paying close enough attention to what they are clicking on. And unfortunately, it seems like the newest iteration of this cat and mouse game is a particularly vexing one: fake search engines.

 

According to some web insiders, a fake version of Google seems to be turning up in various websites’ analytics results. As Mashable reported recently, “The Next Web noticed something weird about one of the domains in the Google Analytics for its site a few weeks ago: a piece of spam that was telling them to vote for Donald Trump. That in and of itself wasn’t weird, but the domain was: ɢoogle.com (warning: Don’t go there).”

The scammers pulled off the trick by using a Unicode symbol that looks like the normal capital G that would appear in Google.com, but in fact is an entirely different character, leading to an entirely different web address. According to The Next Web, the scammers pulled off the character swap as follows: “To be precise, it’s Latin Letter Small Capital G, also known as Unicode 0262. The small G is part of a subset of special characters that can also be used in funky domain names like http://√.com or http://日本語.jp.”
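
As an added example (not from the original article or the sites it quotes), the Python below shows how a site owner could screen the referrer hostnames in an analytics export for this kind of character swap, whether the host appears in its Unicode form or in the xn-- (Punycode) form that DNS resolves. The lookalike table, the sample hostnames and the function names are assumptions made for the illustration; the table is a hand-picked subset, not a complete list of confusable characters.

```python
import unicodedata

# Hand-picked lookalike map (an assumption for this example, not a complete
# confusables table): non-ASCII character -> the ASCII letter it imitates.
CONFUSABLES = {
    "\u0262": "g",  # LATIN LETTER SMALL CAPITAL G, the character in the article
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
}

# Constructed sample of referrer hostnames, as an analytics export might list them.
SAMPLE_REFERRERS = ["google.com", "\u0262oogle.com", "xn--oogle-wmc.com", "example.org"]


def skeleton(host):
    """Reduce a hostname to the ASCII string a reader would think they see."""
    folded = unicodedata.normalize("NFKC", host).lower()
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)


def to_unicode(host):
    """Decode an xn-- (Punycode) hostname; leave Unicode hostnames unchanged."""
    try:
        return host.encode("ascii").decode("idna").lower()
    except UnicodeError:
        return host.lower()


def flag_lookalikes(referrers, protected):
    """Return (displayed, punycode, imitated) for hosts mimicking a protected domain."""
    findings = []
    for raw in referrers:
        shown = to_unicode(raw.strip().rstrip("."))
        if shown in protected:
            continue  # the genuine domain itself
        imitated = skeleton(shown)
        if imitated in protected:
            punycode = shown.encode("idna").decode("ascii")
            findings.append((shown, punycode, imitated))
    return findings


if __name__ == "__main__":
    for shown, punycode, imitated in flag_lookalikes(SAMPLE_REFERRERS, {"google.com"}):
        print(f"{shown!r} ({punycode}) imitates {imitated}")
```

Comparing the Punycode form rather than the rendered name is what makes the difference visible: the two hosts look alike on screen but are different strings on the wire.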

Though this website doesn’t do anything particularly sinister other than redirect traffic to a pro-Donald Trump website that is filled with spam, it is the sign of a very troubling new trend. The ultimate goal of a scam like this is simply to drive fake traffic that will in turn serve as click bait for web page owners. But, as one security commenter noted, “By obtaining the ɢoogle.com web address, Popov can give his spammy redirects an air of authenticity, though once you land on one of his pages it’s clear that things aren’t as they seem – at least to most web veterans. Still, the fact that this type of mimicry is even possible suggests that others, potentially more skilled at making clones of popular websites, could utilize Unicode character swaps to duplicate banking, shopping, or social sites.”

While more savvy internet users may be able to detect when the search engine they are visiting is not legitimate, it is far less likely that less experienced users will. If fake search engines were to progress further and start being used for more malicious aims – like infecting a computer with malware or creating fake banking sites – the problem could quickly get out of hand.

This small example is an indication of how scammers tend to evolve with technology. Being a responsible internet user is an ongoing practice, and we need to be educating digital citizens continually about what the vulnerabilities are and where they lie. As this most recent troubling evolution of fake search engines shows us, we can’t expect that the defenses that were adequate last year or six months ago will be enough today.

 
