Google+ Local hit with thousands of compromised hotel links

Jan 15, 2014
0
Google+ Local hit with thousands of compromised hotel links

Yesterday, news surfaced of an annoying and somewhat unanticipated so-called hijacking of hotel links within Google+ Local accounts by yet-unknown spammers. When clicked, the compromised links took prospective customers to a third-party book service. Whether the third-party services were responsible for the compromised accounts or another entity entirely -- someone operating under an affiliate account sees most likely, in that scenario -- also isn't yet known.

The compromised links were first reported on by the folks over at Search Engine Land. It would seem thousands of hotel-based Google+ accounts were compromised, with the only change taking place being an alteration to the URL under its avatar in the main profile box -- the URL in the "Links" section also seems to have been changed. Further adding to the element of obfuscation was the nature of the compromised URLs in and of themselves.

The hijacked links, if they can be appropriately called that, upon first glance appeared legit enough, usually starting with the name of the hotel before the third-party's domain. The links pointed to RoomsToBook[dot]info, as well as a .NET variation, and HotelsWhiz[dot]com. The folks behind the report tried to contact the sites' owners without success.

Both RoomsToBook domains point to servers for a HotelWhiz offshoot, however, called HotelWhiz[dot]info. At this point, there's no word on whether the company is responsible or someone else entirely, and Google hasn't been forthcoming in details, though it is working on fixing the problem. Some pages have been removed, and the Internet giant has confirmed it is both aware and cleaning up the mess.

SOURCE: Search Engine Land


Must Read Bits & Bytes