Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Missed your Google Wave invite? Fear not, scammers to the rescue!

Symantec Security Response has detected a scam campaign that is luring people who want to get into the Google Wave community.
  • 03 November, 2009 12:38

<p>Google Wave is a new online tool for real-time communication and collaboration developed by Google. Many people who missed the initial sign up for this application are now seeking invites to the service. Scammers have latched onto this and are trying to take advantage of Google Wave’s current popularity and trusted brand status to peddle malware to unsuspecting victims.</p>
<p>Symantec Security Response has detected a campaign luring people who want to get into the Google Wave community by promising not only an application that generates Google Wave invites, but also the opportunity to profit by selling these invites to other people who want to ride the Google Wave. In reality, this promised application does not work and is actually a piece of malware.</p>
<p>Scammers draw attention to their latest scam by automatically posting entries on forums and microblogging sites such as Twitter across the Web. They offer forum users or Twitter users the opportunity to download the application to generate Google Wave invites. Once the scammers have the word out, the next stage is to get victims to download and install this malicious application: Examples of these blog posts can be found at:</p>
<p>The promise of a Google Wave invite, and extra cash by selling additional invites, is the lure to try and trick users into running the software. In this case, Google Wave was only selected as the bait because of its current popularity. Using a trusted brand like Google also increases the chance of success for the attacker. This technique is something cybercriminals use all the time and internet users should not let their guard down – if something appears too good to be true, then it usually is.</p>
<p>Symantec customers are protected from this attack as long as they have their antivirus definitions up to date.</p>
<p>Consumer advice:</p>
<p>Be careful what you click on. Exercise caution when clicking on links from unknown senders.</p>
<p>Only download applications from reputable sources. In this case, Google Wave’s official website has a page for users to request invites.</p>
<p>Deploy protection: Arm yourself with strong and updated security software to catch and prevent malware from downloading. Norton’s 2010 products proactively protect from spyware, viruses, worms, hackers and botnets, and other security risks.</p>
<p>Please let me know if you have any questions or would like to speak with a Symantec expert.</p>
<p>Media Contact:</p>
<p>Jasmin Athwal</p>
<p>Max Australia</p>
<p>+61 2 9954 3492</p>

Most Popular

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Media Release

More media release