March 15, 2007 3:07 PM PDT

When phishers attack blog sites

Phishers appear to be planting malicious exploit code on various sites in the hopes that you'll stumble upon them through keyword searches. Yesterday, security vendor Fortinet reported that certain Blogger.com sites appear to be hosting malicious content, and we speculated that the pages had been compromised using cross-site scripting attacks.

Today Google, which owns Blogger.com, said in a statement to CNET that the example sites cited by Fortinet appear to be "deliberately set up to promote phishing, which is against our terms of service."

Indeed, in reviewing the example we visited yesterday, there are numerous red flags. First, the content of the blog is gibberish. Although the page is in English, the visitor counter is in Russian. None of these alone are damning, but casual or even accidental visitors to the blog page could find themselves infected with a remote access Trojan horse. Google said that it is investigating these pages and concluded that "blogs found to include malicious code or promote phishing will be deleted."

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.

Topics:: Content and publishing

Tags:: security,; blogger,; Google

Share:: Digg; Del.icio.us; Reddit; Facebook

Inside CNET News

Scroll Left Scroll Right

Nanotech - The Circuits Blog
Netbook vs. iPhone: A better comparison
Maybe I've been looking at Netbooks the wrong way.
Gallery
Photos: Top-rated reviews of the week
Technically Incorrect
Gates: Apple is 'a force in doing good things'
During a CNBC special in which he appeared with Warren Buffett, Microsoft's Bill Gates is effusive in his praise for Steve Jobs and Apple.
Microsoft
Hackers bypass Windows 7 activation
Coders have found a way to disable the normal activation requirements of Microsoft's latest operating system, although Redmond says it is working to shore up its antipiracy protections.
Video
Exploratorium's shocking 40th anniversary kicks off
Wireless
Windows Mobile loses nearly a third of market share
Smartphones that use Apple's, Research In Motion's, and Google's operating systems are draining Microsoft's mobile market share.
Video
A new workout for the Wii
The Social
Running a contest on Facebook? That'll cost you
The social network tightened its rules for companies running contests on its platform last week, and sources say those companies will be required to buy ad space too.
The Space Shot
NASA spacecraft confirms water ice deposits on moon
Deliberate crash of an empty rocket stage in a permanently shadowed crater near the moon's south pole last month kicked up definitive signs of water ice, scientists say.
Gallery
Images: Getting personal with Windows 7
The Cheapskate
Killer deals on BlackBerry, Droid, and Palm Pixi
Make $100 on a BlackBerry, score a Motorola Droid for $120, or scoop up a pixie-cute Palm Pixi for 25 bucks. As always, however, plan on a two-year stint with the carrier.
Green Tech
Nissan says all-electric Leaf will compete on price
Kicking off a marketing tour for the all-electric vehicle, CEO says price will be "key to the mass market" but that it's too early to say what that price will be.

When phishers attack blog sites

Content and publishing

security,

blogger,

Google

Report offensive content:

E-mail this comment to a friend.

Warning! You will be deleting this comment and all its replies (if applicable).

About Webware

Webware topics

Most Popular

A CNET Conversation with Eric Schmidt

Verizon tests sending RIAA copyright notices

Inside CNET News