Google Warns About Hacker-for-Hire Services Trying to Phish Users

pcmag.com:

Google says it recently blocked dozens of malicious websites that so-called “hacker-for-hire” services were using to try to phish users. 

The company published a blog post(Opens in a new window) today intended to warn the public about the threat, which Google researchers have been tracking for years.

“We have seen hack-for-hire groups target human rights and political activists, journalists, and other high-risk users around the world, putting their privacy, safety and security at risk,” wrote Shane Huntley, director of Google’s Threat Analysis Group (TAG).  

These hacker-for-hire companies can try to break into user accounts by circulating fake messages from Google or other companies, which have been designed to trick victims into visiting websites actually under a hacker's control. 

The websites can masquerade as phony login pages. If you type in your password, the login credentials will be secretly sent to the hacker, allowing them to break into your account. 

Thursday’s blog post covered hack-for-hire groups based in three countries: India, Russia, and the United Arab Emirates. According to Google, these hacker-for-hire services can openly advertise themselves on the internet or promote their businesses discreetly through third parties, such as private investigation firms.

In India, Google has been tracking several hacker-for-hire services. One tactic they've been using includes sending fake messages pretending to come from Amazon's AWS cloud service that can claim the user recently changed their password.   

In Russia, the company has noticed one hacker-for-hire service using phony notifications from email providers including Gmail to trick users into visiting their malicious phishing pages. In some cases, the group