A Russian spammer Vitaly Popov has been exploiting popular sites by sending fake traffic for the past six years now and he likes to refer to his spamming tricks as Creative Marketing. In fact, his own website “ilovevitaly(dot)com” is identical to Google. You can say that this Russian site is a clone of Google. The fake Google site was discovered by Analytics Edge, a web analytics firm.
It is no ordinary feat that he was able to create fake Google but you can identify the fake from the authentic one by checking out the letter G in the web address, which is the fake one is in Capital. It is not odd because it isn’t how standard web addresses use letters but it is odd because it actually indicates character Unicode 0262 which is known as “Latin Letter Small Capital ɢ.” So, fake Google’s web address appears as ɢoogle.com.
Catalin Cimpanu of Bleeping Computer noted that this is rather alarming technique because it is possible that malicious cyber-criminals can make clones of famous websites and use Unicode character swaps to create banking, social media sites or online shopping sites duplicates. It is indeed surprising that until now none of the big brands have attempted to use Unicode-based spellings while registering domain names.
According to Analytics Edge, the fake domain of Google is being used for Referral Spamming, which refers to the abuse of the resources of a website by an unauthorized individual or linking back in huge numbers. The outcome of Referral Spamming is that Google Analytics’ data gets contaminated and through launching fake referral mentions the attacker manage to hide the accurate location of the incoming links. Usually, webmasters tackle with referral spamming by implementing filters to the Google Analytics dashboard.
However, in fake Google’s case, the firm’s research team stated that spammers didn’t inspect websites for hotlinking images or probable vulnerabilities. Instead, the Russian spammers left a message “Vote for Trump.” The message started appearing on various Analytics Edge clients’ dashboards.
This was when Analytics Edge discovered the source of spam because it appeared to have come from this domain: “secret.ɢoogle.com.”
It did appear odd to the research team that Google would use this sort of a tactic to motivate people or to convey a political message. Therefore, the team of researchers attempted to track down the website and then the entire spamming campaign was exposed.
This spamming act started earlier this year.