The scammers don't need to abuse vulnerabilities to accomplish their goals

Jun 10, 2013 07:15 GMT  ·  By

Last week, we learned that spammers were abusing various open redirect vulnerabilities, including one in CNN, Yahoo and Ask.com, to lure unsuspecting users to a shady miracle diet website. 

The scam website is still live and, as it turns out, the scammers don’t even need to abuse website vulnerabilities to trick Twitter users into visiting the site.

Security expert Janne Ahlberg has discovered that the scammers are now abusing Google search to accomplish their goal.

The Twitter messages that promote the diet website are accompanied by links to a custom Google search.

As E Hacking News highlights, the spammers are using the “site” keyword to make sure their website is the only one that shows up in the Google results when internauts click on the links.

By the looks of it, this spam campaign will be around for some time, so users are advised not to click on links that advertise miracle diets, even if they appear to point to trusted websites.