Google Alerts Service Is Being Abused to Spread Fake Flash Updates - Binary Defense

Threat Watch

Threat Watch Google Alerts Service Is Being Abused to Spread Fake Flash Updates

Google Alerts Service Is Being Abused to Spread Fake Flash Updates

Google Alerts is a service where users can monitor the web for keywords or phrases and be notified by email of new content. BleepingComputer has noticed threat actors publishing fake stories with popular keywords to be indexed by Google. These stories are then emailed to Alerts users with a Google redirect link taking them to pages with warnings of an out-of-date Flash Player. BleepingComputer has also noted that when visiting the site directly (instead of being redirected by Google) the website will return a 404 error stating that the page cannot be found.

ANALYST NOTES

Adobe officially ended support for Flash on December 31st, 2020 and blocked all content from playing after January 12th, 2021 after initially announcing its end of life back in 2017. Fake Flash Player update prompts continue to be a common tactic to infect unsuspecting victims. However, according to Adobe’s End of Life page for Flash, Adobe will no longer provide any sort of updates after December 31st, 2020. Not only has Adobe ended support, Microsoft, Apple and all major browsers have begun blocking and removing Flash Player as well. Binary Defense highly recommends allowing Flash Player to be removed simply by keeping up with regular operating system and software updates.

Source: https://www.bleepingcomputer.com/news/security/warning-google-alerts-abused-to-push-fake-adobe-flash-updater/

https://www.adobe.com/products/flashplayer/end-of-life.html