Hackers abuse Google Alerts to launch a fake Adobe Flash updater that installs other unwanted programs on computers unsuspecting users. In particular, hackers create fake news with headlines that contain popular keywords, which is then indexed by Google Search. Once indexed, Google Alerts notifies people who follow these keywords.
When a user visits fake news using a Google redirect link, they are redirected to the malicious site controlled by cybercriminals. However, if you visit the address directly URL of fake news, the site will report that the page does not exist.
BleepingComputer tracked fake news indexed by Google and promoted by Google Alerts last week. They redirect them users on sites that promote unwanted messages browser alert, unwanted extensions or fake gifts associated with it Amazon or other E-commerce sites.
While Adobe Flash Player is no longer supported by anyone Browser (once it has reached the end of its life), many users may not realize it and click the "Update" button believing that this way they will install the latest update.
If a user clicks the "Update" button, they will download a file setup.msi [VirusTotal] which installs a potentially unwanted program called One Updater. Over time, One Updater will display updates to be installed and fill a user's computer with potentially unwanted and malicious programs.
Therefore, if a user sees that they are being redirected to a website, via Google Alerts, Google Search, or any other medium and is asked to install a program extension or update, they should not do so, but should close it immediately. Browser. Installing fake Adobe Flash updater and other similar programs usually leads to malicious activity or unwanted behavior that only benefits application developers.