The release of Google+ was dubbed another try by Google to take on Facebook, which is currently the most popular social networking site. Its launch was well-accepted by the public, so well in fact that Google had to disable sending invites to new users (signing up was initially only available by invitation) due to “insane demand.”
We haven’t found any threat within Google+ but we recently encountered a website that leverages the recent demand for Google+ invites despite making the network open to everyone.
The site claims to offer downloadable invites. Trying to do so leads to a list of surveys that the user must answer in order to get an invitation.
Closing the said list directs to a page of a file-sharing website where the user is given two options—to download an invitation for free by answering one of the surveys or to download an invitation by paying a certain amount.
Users who choose to go with the free option sees a warning that tells them they can only enter valid information or be banned from the site, apart from not being allowed to download an invitation. The users are then led to the survey of their choice. Upon completing any of the surveys, which are all basically fashioned like an IQ test, the users will be asked to enter their mobile numbers.
At this point, it’s easy to realize that answering the IQ test is unrelated to the process of downloading a Google+ invitation, just like downloading a file is totally unnecessary to create a Google+ account. This scheme does not lead to getting a Google+ invitation, only unnecessary charges to their phone bills, as the text at the bottom of the site implies that entering their mobile numbers will subscribe them to certain clubs, which will charge them specific amounts on a daily basis.
Trend Micro already blocks the links to the above-mentioned scam pages via the Trend Micro™ Smart Protection Network™.
We already know how Facebook ended up fitting right into cybercriminals’ plans with numerous attacks targeting it. Considering this recent development, it’s possible for Google+ to share the same fate. Let’s just hope Google and Google+ users are ready to take on future attacks.