Flaw in Google+ Highlighted As Bogus Website Puts BoA in Bad Light

Jay Decenella, IT audit expert
November 15, 2011 /

A bogus Web site purporting to belong to Bank of America has painted a bad image for the bank, highlighting the flaws associated with Google+.

Bank of America is one of the financial institutions blamed by Occupy Wall Street protesters for their fate.

According to Chester Wisniewski, a Senior Security Advisor at Sophos Canada, the Google+ page does not appear to be controlled by Bank of America, “rather it seems to have been created by the attackers by tricking Google into giving them a business page under BoA’s name.”

The Web page posted a self-derogatory message: “We took your bailout money and your mortgage rates are going up. We are committed to making as much money as possible from usury, coercion, bribery, insider trading, extortion, and debit card fees as possible.”

According to Sophos, the cyber crime appear to have started on November 8, following the launch of Google+, the official service for businesses to use the social network.

“We have not seen a lot of abuse on the Google Plus service to date, but I am sure this incident is just the tip of the iceberg,” Wisniewski said.

“Google may have a real names only policy, but apparently their verification process leaves something to be desired,” he added.

Google+ lacks a verification process, allowing cyber criminals to lure users into believing that a fake page is genuine, which should serve as a precaution for anyone who wants to create a profile in the Web site.

 

Share your opinion