Phishers Use Fake Google Toolbar As Bait

MOUNTAIN VIEW, Calif. – Security experts have issued a warning that a new phishing scam involving a fake Google toolbar is the latest lure being used to steal personal information from web users.

Phishing is where emails, instant messages or websites pretend to be legitimate companies for the purpose of stealing personal information, financial account numbers and passwords.

The scam spreads itself via IM and Internet Relay Chat and downloads a fake Google toolbar and adware on users’ machines, which re-direct to a page collecting credit card information.

According to security firm FaceTime, the scam borrows the exploits of an application commonly referred to as "CoolWebSearch" and uses two URLs via IM that lead users to a web page that begins the toolbar install and calls a Windows Help File. Once this happens, the fake Google toolbar appears and the anti-spyware program known as "World Antispy" launches. At this point, users may also experience a pop-up window that asks for personal information.

So far, Yahoo Messenger is the only IM service being used in this attack.

"Our research finds that this phishing scam is financially motivated by a third party using incredibly elaborate bundles that deliver a rogue Google toolbar with many of the same elements as the real Google toolbar,” Chris Boyd, senior researcher at FaceTime, said. "Hackers are clearly using new tricks such as IM to take advantage of reputable, trusted brands such as Google.”

FaceTime is reporting that there are three distinct versions of this attack, each one exploiting different security vulnerabilities and installing a different payload using different vectors, including IM and IRC.

The new scam marks an increasing trend in using IM as a phishing tool, Boyd said.

According to security firm IMlogic, phishing attacks that use IM as their vehicle have jumped by 14 times since the first of the year, and by the third quarter, IMlogic tracked 10 times the number of IM threats than in all of 2004.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

AEBN Reveals Eva Maxim as Top Trans Star for Q2 of 2025

AEBN has published its top trans stars list for the second quarter of 2025, with Eva Maxim landing atop the leaderboard.

France Reinstates Age Verification Rule for EU Sites

France’s highest court, the Council of State, on Tuesday reinstated age verification rules for EU-based sites under the country’s Security and Regulation of the Digital Space (SREN) law, ruling in favor of the French government and against Hammy Media.

Whisper Fans Joins Pineapple Support as Supporter-Level Sponsor

Whisper Fans has joined the ranks of over 70 adult businesses and organizations committing funds and resources to Pineapple Support.

Utherverse Launches 'Red Light Center' Virtual World

Virtual reality and metaverse technology company Utherverse has launched its new virtual world, RedLightCenter.io.

European Commission Approves AV Guidelines, Unveils Prototype App

The European Commission on Monday released its final, approved guidelines for protecting minors online under the EU’s Digital Services Act (DSA) and made public a “white label” age verification app intended to help sites and platforms comply with age verification rules under the DSA.

New Membership Site 'Sluts Corner' Launches

R18 Entertainment has launched a new membership site, SlutsCorner.com.

Roxie Rae Relaunches Site Through XSiteAbility

Roxie Rae has relaunched her site through XSiteAbility.

Federal Appeals Court Vacates FTC 'Click to Cancel' Rule Pending Review

The U.S. Court of Appeals for the 8th Circuit on Tuesday vacated the Federal Trade Commission’s “click-to-cancel” rule aimed at making it easier for consumers to cancel online subscriptions, pending further review.

Show More