The first big Google+ spam campaign blasted out by pill-pushers

by Graham Cluley on July 1, 2011 | 4 Comments

Filed Under: Google, Social networks, Spam

In what may very well be the first major cybercriminal campaign exploiting the Google+ brand, spammers are sending out bogus Google+ invitations that in reality point to online pharmacies.

The messages look similar to the real emails that users may receive from friends who are already members of Google+.

Spam Google Plus email sent by pharmacy spammers

However, clicking on the links will not take you to the new social network, but instead take you to a pharmacy website set up to sell the likes of Viagra, Cialis and Levitra to the unwary. In the case of the site shown below, they even have a special July 4th promotion - just in case you were hoping for additional fireworks on the night.

One of the pharmacy websites promoted by the spam messages

The spammers are no doubt hoping that the email will be too hard to resist for many people eager to see Google's new social network, although just how many users will be tempted to buy drugs online is a mystery.

Are you on Google+? Why not add Naked Security to the circle of people you're following?

If you're on Google+ and want to connect more with Naked Security, you would be missing a trick if you didn't follow us up there. Here's where you can find us (or just click on the image below):


Naked Security on Google Plus

We'll be investigating security and privacy on Google+ and reporting back on our findings. Look forward to seeing some of you up there!

Tags: , , ,

4 Responses to The first big Google+ spam campaign blasted out by pill-pushers

  1. wwms says:
    July 1, 2011 at 8:24 pm

    I think they didn't learn their lessons from their first privacy debacles.

    Things like: "If your friends use apps, those applications may gain access to content and information about you that those friends can access." So, I don't control what applications may see? Not okay with me.

    "We will record information about your activity" but no exact specifics on what they will be collecting.

    And the mobile app policies look worse. It appears to me that some of this is worse than facebook.

    Reply Report comment
  2. Mike says:
    July 1, 2011 at 9:39 pm

    'is your first port of call'

    I think you guys drank too much LulzSec kool-aid...

    Reply Report comment
  3. Nigel Straightgrain says:
    July 2, 2011 at 6:29 pm

    Wow! What kind of person would actually provide any market support to a vendor who tries to get business by spamming people with fraudulent invitations? A moron? A completely unprincipled idiot?

    Ah, well...I suppose there is a certain natural justice in it. They (vendor and buyer) certainly deserve each other.

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.