The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Google’s Phishing Quiz shows why Google AMP (Accelerated Mobile Pages) is a bad idea

Posted by jpluimers on 2019/01/25

This week, Google introduced the [WayBack] Phishing Quiz, a series of questions that test how well you spot phishing emails.

It is a perfect example of why Google AMP is a bad idea: it makes it easier to write phishing mail that targets Google users.

One of the questions is about a password change email that seems to come from Google and contains a link that appears to be served by Google.

The link is really deceptive, because it:

  1. uses Google AMP (Accelerated Mobile Pages), whose cached pages are served from a path directly under Google's main domain: the URL starts with https://google.com/amp, and the host that actually serves the page only shows up further along the path
  2. looks like many legitimate links do: especially on mobile, Google routes a lot of content through Google AMP, so a link on mobile that looks like this may well be legitimate

This will deceive a lot of people, because they have been trained to look at the main domain to assess authenticity, and here the main domain is google.com.
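To make the point concrete, here is an added example (not code from the original post or from Google) that pulls the host that actually serves a page out of an AMP viewer link before applying the usual "is this really google.com?" check. It assumes the AMP viewer URL form https://www.google.com/amp/<host>/<path> for http origins and https://www.google.com/amp/s/<host>/<path> for https origins; the sample links and hostnames below are constructed for this example and do not come from the quiz.

```python
"""Added example: recover the real destination host behind a Google AMP viewer link.

Assumption (not stated on the page): AMP viewer links look like
  https://www.google.com/amp/<host>/<path>     (http origin)
  https://www.google.com/amp/s/<host>/<path>   (https origin)
All sample links below are constructed for this example.
"""
from urllib.parse import urlsplit

# Hosts that front AMP viewer links.
AMP_VIEWER_HOSTS = {"google.com", "www.google.com"}
# Well-known shorteners: the real destination is only knowable after a network
# round-trip, so offline the link is opaque and must be treated as untrusted.
OPAQUE_SHORTENER_HOSTS = {"goo.gl", "bit.ly"}


def effective_origin(url: str) -> dict:
    """Return the host shown in the address bar and the host that really serves the page."""
    parts = urlsplit(url)
    shown_host = (parts.hostname or "").lower()
    result = {"shown_host": shown_host, "real_host": shown_host, "kind": "direct"}

    if shown_host in OPAQUE_SHORTENER_HOSTS:
        result["real_host"] = None          # cannot be resolved without following the redirect
        result["kind"] = "shortener"
        return result

    if shown_host in AMP_VIEWER_HOSTS and parts.path.startswith("/amp/"):
        segments = parts.path[len("/amp/"):].split("/")
        origin_scheme = "http"
        if segments and segments[0] == "s":   # "s/" prefix marks an https origin
            origin_scheme = "https"
            segments = segments[1:]
        if segments and segments[0]:
            result["real_host"] = segments[0].lower()
            result["kind"] = "amp-viewer"
            result["real_scheme"] = origin_scheme
    return result


def belongs_to(host: str, trusted_domain: str) -> bool:
    """The check people are trained to do, applied correctly: exact match or a proper subdomain.

    Note the trailing-dot comparison: "google.com.example.org" must NOT match "google.com".
    """
    host = host.lower().rstrip(".")
    trusted_domain = trusted_domain.lower().rstrip(".")
    return host == trusted_domain or host.endswith("." + trusted_domain)


def assess(url: str, trusted_domain: str = "google.com") -> tuple:
    """(kind, real_host, trusted?) for a link, judged on the real host rather than the shown one."""
    origin = effective_origin(url)
    real_host = origin["real_host"]
    trusted = real_host is not None and belongs_to(real_host, trusted_domain)
    return origin["kind"], real_host, trusted


if __name__ == "__main__":
    # Constructed sample links for the example.
    for link in (
        "https://www.google.com/amp/s/accounts-google.example.net/reset-password",
        "https://google.com/amp/google.com.example.org/verify",
        "https://myaccount.google.com/security",
        "https://goo.gl/abc123",
    ):
        print(assess(link), "<-", link)
```

The first two constructed links would pass a naive "the address bar says google.com" glance; only looking past the /amp/ prefix reveals that neither accounts-google.example.net nor google.com.example.org belongs to google.com. The shortener link is reported as opaque rather than trusted, which is the safe default when the real destination cannot be checked offline.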

Combine that with a sender domain that also looks like it belongs to Google: with so many real-word top-level domains in use, many people would not be surprised to get email from no-reply@google.support.

Just look at the screenshot below to see how deceptive this trick is.

Solution

The only solution is for people to learn that URL shorteners are evil: they mangle URLs so that the real destination is hidden. That argument defeats both URL shorteners and Google AMP, which mangles URLs in the same way.

Postscript

Google has already shut down its URL shortener (see for instance [WayBack] Google is shutting down its goo.gl URL shortening service), so I wonder when they will stop with AMP.

–jeroen
