In this festive season, everyone is gonna unbox their gifts today. There is a growing number of the use of gift card, especially for e-commerce giant, Amazon.
It sounds nice, however, the combination of Siri, Google and Amazon could lead to a fatal issue.
To begin with, when you are searching/ inputting anything into the search bar in Safari, they would not only search via the search engine (like Google) but Siri as well. That’s why we could see some sites are suggested by Siri.
Google, on their service side, is providing a free website builder (Google Site) for any users.
“Fisher” would like to take advantage of it by linking them together by pretending they are licensed/ genuine.
So, why does it matter?
When you type “amazon.co.uk/redeem” in Safari’s search bar, it would automatically redirect you to phishing site, as suggested by Siri with NO warning.
Of coz, a rational person could identify the phishing attack immediately.
However, there might be cognitive bias as they inputted the url correctly (amazon.co.uk/redeem) which may lead to the fatal result as amazon hold “no responsibility afterwards”.
It would be nice if a warning sign could be given especially as Siri/Apple could identify the nature of the url easily (like “redeem”/ “gift card”).
Luckily, Google has taken down the site minutes afterwards. Yet, they could build another phishing website in minutes which may probably end up in playing cat-mouse game.
Winson's Blog and Database 