WARNING: New Gplus.To Site Not Affiliated with Google

July 5, 2011 · Filed Under Announcements, Identity Theft, Social Media · 6 Comments 

With the launch of the new Google+ Social Network last week there has been a landrush of (mostly techie) people to start trying out the new service. As with anything new and untested, always be wary of your privacy settings on the web, and especially to whom you’re giving your information.

Recently a new site launched called gplus.to – this site has no affiliation with Google, no privacy policy, and basically no information about who owns it or how it uses your information. It is basically a URL shortener to provide vanity URLs for Google+ accounts. The problem is there is absolutely no verification in place. You can take anyone’s Google+ ID number, enter it in the box, and create a unique vanity URL for any name you choose – whether or not you have access to that Google+ account. This allows a huge potential for spammers to engage in Social Media Identity Theft.

There is an opportunity here for these site owners to start engaging in massive data mining because they offer no terms of service or privacy policy. So in addition to allowing anyone to capture anyone else’s vanity URL, they are also capturing everyone’s information for their own purposes. They can also redirect your URL wherever they want before sending you to your profile – Malware, tracking exploits, botnets, etc. You should be EXTREMELY cautious about using this service.

JULY 6 UPDATE: Someone associated with the site from Turkey got in touch with us and updated their site to include a simple About message which explains they are not trying to do anything malicious, and they are not affiliated with Google. ¬†They also changed the appearance to make it look less like an actual Google page. ¬†Wasn’t so hard, was it?