Scammers have set up an exact copy of the download page for Google’s Toolbar plug-in in an attempt to lure users to download a Trojan back door.Reported by security outfit Surfcontrol, some versions of the scam even spoof the correct Google Toolbar Web address for Internet Explorer, using Google’s own redirection service in an attempt to hide the real, non-Google address.The Trojan itself, W32.Ranky.FW, is designed to turn the PC into a bot zombie, and is spread using the conventional technique of asking recipients of a spam e-mail to follow an embedded link.According to Surfcontrol, the version detected by the company fails because of poor programming of defective compilation, but it remains a proof-of-concept in how to attack users using a simple combination of convincing elements. Outwardly simple, the scam has a clever combination of tricks. Although using parts of established websites is standard in phishing scams, it is relatively unusual to go to the length of reproducing an entire page precisely, in combination with a convincingly spoofed web address.The fact that the spammed e-mail appears to come from Google could convince recipients to follow the link. Assuming that a re-engineered version appears—highly likely—once infected, users will notice nothing untoward, although their PCs will have become part of a bot-controlled network.Google has been attacked in similar ways before. Last September, scammers faked the Google search page itself in order to aid the spread of a worm.More recently, a Trojan attacked the company’s adsense advertisements, replacing them, in-browser, with fake ones on any PC infected with the malware.-John E. Dunn, Techworld.com (London)Keep checking in at our Security Feed for updated news coverage. Related content news New Trojan ZenRAT masquerades as Bitwarden password manager A report by Proofpoint identifies the new Trojan as undocumented and possessing information-stealing capabilities. By Lucian Constantin Sep 28, 2023 4 mins Cyberattacks Cyberattacks Cyberattacks news UK Cyber Security Council CEO reflects on a year of progress Professor Simon Hepburn sits down with broadcaster ITN to discuss Council’s work around cybersecurity professional standards, careers and learning, and outreach and diversity. By Michael Hill Sep 27, 2023 3 mins Government Data and Information Security Security Practices news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Internet Security Security Hardware news analysis Web app, API attacks surge as cybercriminals target financial services The financial services sector has also experienced an increase in Layer 3 and Layer 4 DDoS attacks. By Michael Hill Sep 27, 2023 6 mins Financial Services Industry Cyberattacks Application Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe