06:46 GMT09 August 2020
Listen Live
    Get short URL

    Security company Sophos has warned that Google Maps users are at risk of being tricked by scammers using an open redirect vulnerability.

    According to Sophos researcher Mark Stockley, attackers can exploit a flaw in the mapping software to lure users to shady websites.

    Security experts say links to dodgy sites are being disguised to look like safe shortcuts to Google Maps. Clicking on such a link, people expect to be sent to Google Maps but instead get redirected to a malicious page offering to buy, for instance, diet pills.

    Linking directly to a scam site would result in Google's automated checks refusing the link, so cybercriminals bypass URL shortening service tests and use Google Maps as a legitimate middleman before a completely different website is loaded than the intended one.

    READ MORE: ‘Free and Fair Elections' at Risk from Companies like Cambridge Analytica

    "The crooks have turned a service designed for shortening and sharing Google Maps URLs into an impromptu redirection service for sharing whatever the heck they like, thanks to an open redirection vulnerability in the maps.app.goo.gl service", Stockley said.

    Last month, Google announced its plans to shut down the goo.gl URL shortening service and replace it with Firebase Dynamic Links. But before it happens, scammers still can take full advantage of short links using Google Maps.    


    Google Co-Founder Cautions About Dark Side of Artificial Intelligence
    Google Errs Over Picture of First Prime Minister and Indians Don’t Like It
    Russian Media Watchdog Blocks Some Google IPs in Bid to Stop Telegram Messenger
    ad, cybercrime, scam, Google Maps, Google
    Community standardsDiscussion