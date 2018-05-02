Please create an account to participate in the Slashdot moderation system

 


According to security company Sophos, scam websites have been using obfuscated Google Maps links to redirect users to dodgy websites. The Register reports: The reason for this is Google's recent efforts to get rid of its Goo.gl URL-shortening service. The link-shortening site is a favorite for scammers looking to hide the actual address of pages. Without Goo.gl to pick on, scammers are now abusing a loophole in the Maps API that allows for redirects to be put into Google Maps URLs. This allows the attackers to chain the links to their scam pages within a link to Google Maps, essentially creating a more trustworthy URL that users are more likely to follow. The trick also has the benefit of being harder to catch and shut down than links made with the well-policed Goo.gl service. Because it uses Google Maps, there's no reporting structure in place to get the scammers shut down and the scammers don't have to use a Google-owned interface or API to do it.

  • The recent articles and corresponding actions of the big internet companies seem to push against basic redirect services. I am having a hard time understanding why. Makes me uncomfortable, but I can't explain why. Please enlighten me?

    • Re: (Score:2)

      by Kaenneth ( 82978 )

      Because it's an abuse of what a URL should be.

      obfuscated URLs that hide their true destination are evil.

  • It's amazing the thought and effort that goes into criminal schemes. If there's plenty of legitimate work, the effective hourly rate can't be the only driver. It must also be because finding loopholes is more exciting. A honeypot for the hacker mentality, particularly those who are financially-challenged, aren't troubled by empathy for victims, and actually get off on the danger.

