Along with the torch of knowledge that the web carries, it also has creaks of dark spaces which is made up of hackers and spammers. Google, which has become synonymous to everything web now, is the most popular search engine in the world. And now the dark space on the web is attempting to creep into Google. Recently spotted by The Next Web, a fake ɢoogle.com is making rounds on the web. In case you didn’t notice, this particular link has the capital G smaller than normal, being about the same size as a lowercase letter, which is of course odd and not the real Google link. It’s a fake search engine and is a potential threat to users if it continues to exist.
The perpetrator of the fake search engine is reportedly Vitaly Popov, a notorious Russian spammer who is known to be using a blackhat technique to send fake traffic to Analytics users for years. He even acknowledged it publicly a couple of years ago when all the spam madness started, stating that he is not breaking any law, but only using creative marketing. His own website ilovevitaly.com is also a clone of this fake Google search engine.
Popov’s primary purpose is to promote his websites, however, he also uses it to fool around with popular keywords. Recently, he used it to show his preference on the USA 2016 Election. The fake Google search engine began popping up in the Google Analytics traffic searches earlier this year, showing up as traffic directing from ‘secret.ɢoogle.com’, and the appearance of the link was sometime accompanied by ‘Vote for Trump!’ as the page title.
If you search, secret.ɢoogle.com on the web, you’d be led to a very odd link, which is your read closely are the lyrics of the song Money by Pink Floyd. On the face of the web page are some familiar words put together which make no sense in a sentence. But it does clearly congratulate Trump for his victory in the US Elections.
Vitaly’s main trap for confusing the users with the fake ɢoogle.com link is by making it look almost exactly like the real Google web link. However, like we mentioned earlier, the leading ‘G’ in the web address is not the usual, instead it uses the character Unicode 0262, known as “Latin Letter Small Capital G.”
Essentially what he does is, that he obtains the ɢoogle.com web address, and gives his actually spammy redirects an air of authenticity. Although, as the screenshot above makes it clear, that once you land on the page it’s clearly something fishy. But what’s scary is, the fact that this type of phishing is even possible can give other hackers an opportunity to clones other popular websites, creeping into banking, shopping, or social sites information of users, causing much hefty damage.
Spammers and hackers are constantly looking for ways to attract more people. They use referrals, keywords, landing pages, page titles, languages (like in the case of the fake Google). One other example of that is in form of apps. Last year, the Indian government had launched an Android app to help people digitize the way they carry their important identity proofs. Under Prime Minister Narendra Modi’s “Digital India” project, the government rolled out the DigiLocker app, which is essentially an online locker facility, where users can upload and save all their government-issued documents such as PAN card, Aadhar Card, college certificates, property documents and the likes, online.
However, recently, many fraudulent apps had been spotted on Google Play that posed to be the DigiLocker app issued by the government. Going by the same name, these apps cash on the ignorance of some users. These fake apps have similar logos like the original app, some even have the Indian emblem on it, while others use Prime Minister Narendra Modi’s photo on them, which can easily confuse anyone. When we searched on the Google Play store for DigiLocker app, we found five apps listed by the same name, apart from the genuine DigiLocker app.