On the afternoon of December 1st, some netizens reported that when they searched for "QQ E-mail" on Baidu, the first-ranked result was actually an account-stealing website. Baidu officially responded that the website in question had indeed changed its landing page without authorization, in violation of the rules, in order to phish for accounts, and that the website has been banned and reported.
When searching Baidu for "QQ mailbox", an advertisement for the account-stealing website appeared.
The following is Baidu's statement:
In response to some users' feedback on the "QQ E-mail" problem, we found that the relevant website did make unauthorized, non-compliant changes to its landing page for phishing and account theft. We have banned the website and reported the case to the public security organ. We apologize for this situation! In accordance with Baidu's rights protection mechanism, we will communicate the follow-up protection plan with the victims.
If a netizen clicks on a "reputation V" search result in Baidu and suffers losses from counterfeiting or phishing fraud, they can apply for rights protection. Baidu's website is https://baozhang.baidu.com/guarantee/, or send an email to firstname.lastname@example.org.
In the future, we will continue to strengthen our supervision and inspection strategy, and increase penalties for customers who break the rules. We welcome everyone's supervision, reports, criticism and suggestions!
After Baidu, paid advertisements promoting a QQ mailbox phishing website also appeared in 360 search
A few days ago, some netizens found that when they searched for QQ mailbox in Baidu, the top paid advertisement turned out to be a phishing website, and users who entered their account and password there would have them stolen. Baidu removed the phishing website's advertisement after receiving user feedback, and explained that the paid-promotion customer had modified the landing page without authorization so that it jumped to the phishing website. Later, some netizens found that 360 search also carried a phishing website targeting QQ mailbox, likewise as a paid promotion at the top of the search results.
Screenshot from Sina Weibo user @Cuvage:
The promoted advertisement that appeared when this netizen searched for "QQ mailbox login" was a phishing advertisement. After it is clicked, it jumps to a new website that tricks the user into entering their account and password.
What is funnier is that this netizen also uses 360 Security Guard, which automatically identified the page as a security risk when the phishing website was opened. Since 360 Security Guard can detect the risk, how can this phishing website keep being promoted? This is 360 being slapped in the face by its own product.
That phishing website was not found during the Blue Point network test, but there are new ones:
When Blue Point.com tested 360 search, this paid-promotion phishing website was no longer visible. However, it is only for the keyword "QQ login" that it is not visible. Searching the computer version of 360 Search for the keyword "mailbox" currently shows no paid-promotion phishing website, but a phishing website appears again after switching to mobile search.
As shown below, when searching for the keyword "mailbox", the second paid-promotion result is a phishing website. After it is clicked, it likewise jumps to a new website that tricks the user into entering their password.
These phishing sites look almost identical: they completely imitate the QQ mailbox interface to induce users to enter their account and password, and then jump again. From the user's side, after entering the account and password for the first time and clicking Login, the input box appears again. The user will presumably think that the login just failed and log in again. After re-entering the password, the user is this time logged in to the real official QQ mailbox website, but by then the account and password have already been sent to the black-market team.
The same black-market team is probably behind all of these:
Paid promotion on both Baidu and 360 search requires qualification certification; that is, a business license must be submitted for review before anything can be promoted. However, it is not difficult for a black-market team to get hold of an account that has passed the qualification certification, whether through an insider at the company or through direct hacking. That is how these phishing websites get promoted on China's top search engines and fraudulently obtain users' accounts and passwords.
Screenshot of the filing-record query provided by Webmaster's House:
The registrant contact email address of this phishing website is pinyin for "filed domain names for sale". It is likely that shady dealers specifically sell these already-filed domain names to the black-market team. After all, nobody would file a website under their own real information and then use it as a phishing website.
Where Baidu and 360 search fall short:
Baidu's statement says that the promoter modified the landing page without authorization in order to phish. This is plausible, because a page can be made to jump anywhere through code in the web page itself. The phishing site in 360 search is probably a similar case, but the two search engines apparently did not carry out routine secondary reviews. A random second review would show that the landing page has been redirected to the phishing website, and the natural response is to ban the account immediately and stop the promotion.
However, the same problem appearing at both shows that both companies have gaps, and most users cannot recognize phishing websites and so cannot give feedback at all. Relying on user feedback alone looks like a big joke. After all, with thousands of keywords being promoted, how many of them can dedicated users be expected to catch?
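The random second review described above can be automated. The following is an added example, not code from Baidu, 360 or the article's author: it re-checks where an approved landing page actually ends up by following HTTP redirects, meta refresh tags and simple script jumps, and flags any hop that leaves the advertiser's approved domain. All hostnames, page contents and function names are constructed assumptions.

```python
import re
from urllib.parse import urljoin, urlsplit

# Constructed responses standing in for live fetches: url -> (status, headers, body).
SAMPLE_PAGES = {
    "https://shop.advertiser.example/promo": (200, {}, "<h1>Winter sale</h1>"),
    "https://mail.advertiser.example/landing": (
        200, {}, '<meta http-equiv="refresh" content="0; url=/go">'),
    "https://mail.advertiser.example/go": (
        200, {}, '<script>window.location.href = "https://login.lookalike.test/";</script>'),
    "https://login.lookalike.test/": (200, {}, "<form>account / password</form>"),
}

META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*content=["\'][^"\']*?url=([^"\'>\s]+)', re.I)
JS_LOCATION = re.compile(
    r'(?:window\.|document\.|top\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']', re.I)

def next_hop(url, status, headers, body):
    """Return the URL this response sends the browser to, or None."""
    if 300 <= status < 400 and "Location" in headers:
        return urljoin(url, headers["Location"])
    for pattern in (META_REFRESH, JS_LOCATION):
        match = pattern.search(body)
        if match:
            return urljoin(url, match.group(1))
    return None

def same_site(host, approved_host):
    """True if host is the approved host or one of its subdomains."""
    return host == approved_host or host.endswith("." + approved_host)

def review_landing_page(url, approved_host, fetch, max_hops=5):
    """Follow the jump chain from url and report every hop outside approved_host."""
    chain = [url]
    for _ in range(max_hops):
        hop = next_hop(url, *fetch(url))
        if hop is None or hop in chain:
            break
        chain.append(hop)
        url = hop
    off_site = [u for u in chain if not same_site(urlsplit(u).hostname or "", approved_host)]
    return {"chain": chain, "flagged": bool(off_site), "off_site": off_site}

def fetch_sample(url):
    """Offline stand-in for an HTTP client; a real review would fetch the live page."""
    return SAMPLE_PAGES[url]
```

Static pattern matching only catches plain jumps; a review pipeline that must also see obfuscated or delayed script redirects would load the page in a headless browser and compare the final address the same way.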