Phishing, Fraudulent, and Malicious Websites

Home
>
Internet Security
>
Phishing, Fraudulent, and Malicious Websites

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living in the Information Age. We have nothing left but adapt to rapidly developing information technology, no matter who we are and what we do for living.

The Internet, in particular, means for us boundless opportunities in life and business ? but also lots of dangers unheard of just a decade ago. We should be aware of these dangers if we want to use the huge potential of the Internet and to avoid the hazards it brings us.

Warning: There are Websites You'd Better Not Visit

Phishing websites

Thanks to authors of numerous articles on this topic, "classic" phishing technique is relatively well known. This scam involves setting bogus websites and luring people to visit them, as a rule, by links in emails. Phishing website is disguised to look like a legitimate one -- of a bank or a credit card company, and users are invited to provide their identifying information. Sites of this kind are used solely to steal users' passwords, PIN numbers, SSNs and other confidential information.

At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of the scam, the less spelling mistakes these messages contained, and the more these fraudulent websites resembled legitimate ones. Phishers are getting smarter. They eagerly learn; there is enough money involved here to turn criminals into earnest students.

Keyloggers and Trojans

Since about November 2004 there has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at the background until the user of the infected PC visits one of the specified websites. Then the keylogger comes to life to do what it was created for -- to steal information.

It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on the rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.

Fraudulent websites are on the rise

Websense Security Labs -- a well-known authority in information security -- noticed a dramatic rise in the number of fraudulent websites as far back as in the second half of 2004. These sites pose as ones for e-commerce; they encourage users to apply for a reward or purchase something, of course never delivering the product or paying money. The most popular areas for such fraud are online pharmacies, lottery scams, and loan / mortgage sites. Experts predict there will be more fake merchants in future and their scams will become more sophisticated.

A Hybrid Scam

In April Panda Software warned Internet users of a new particularly brazen scam aimed at stealing confidential information. The technique used here looks like a hybrid between phishing and a fraudulent website.

Panda Software identified several websites offering cheap airline tickets which in fact weren't selling anything; the aim was to cheat users out of credit card details.

This scam is very simple; the thieves simply wait until some unsuspecting user who is searching for, say, airline ticket offers, finds their site offering dirt-cheap airline tickets. Really pleased with himself and looking forward to the trip, the user fills in the form, entering his credit card number, expiry date and verification value (CVV).

As soon as these details have been entered, an error page appears; it tells the user that the transaction has been unsuccessful, and offers instructions on how to pay for the ticket by postal money order. So the user may well be fooled twice. He loses his credit card details, putting them right into the hands of cyber-crooks, and then loses money, if decides to buy the ticket by money order.

Of course, these sites have already been disabled, but who knows whether (or better to say when) other ones will appear again, this time offering all kinds of products.

Malicious websites are especially dangerous. Cybercriminals create them exclusively to execute malicious code on the visitors' computers. Sometimes hackers infect legitimate sites with malicious code.

Bad news for blog readers: blogs can be contaminated, too. Since January, Websense Security Labs has discovered hundreds of these "toxic" blogs set by hackers.

When unsuspecting users visit malicious sites, various nasty applications are downloaded and executed on their computers. Unfortunately, more and more often these applications contain keyloggers--software programs for intercepting data.

Keyloggers, as it is clear from the name of the program, log keystrokes --but that's not all. They capture everything the user is doing -- keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on the screen) ? so the information is captured even if the user doesn't type anything, just opens the views the file.

In February and March 2005, Websense Security Labs researched and identified about 8-10 new keylogger variants and more than 100 malicious websites which are hosting these keyloggers EACH WEEK. From November of 2004 through December 2004 these figures were much smaller: 1-2 new keylogger variants and 10-15 new malicious websites per week. There is by all means a disturbing tendency--the number of brand-new keyloggers and malicious website is growing, and growing rapidly.

What a user can do to avoid these sites?

As for phishing, the best advice is not to click any links in any email, especially if it claims to be from a bank.

Opening an attachment of a spam message can also trigger the execution of malicious program, for example a keylogger or a keylogger-containing Trojan horse.

As for fraudulent websites, maybe buying goods only from trusted vendors will help -- even if it is a bit more expensive.

As for malicious websites? "Malicious websites that host adult entertainment and shopping content can exploit Internet Explorer vulnerabilities to run code remotely without user interaction."(a quote from the Websense's report). What can a user do about it? Not much, but avoiding adult sites and buying only from known and trusted online stores will reduce the risk.

Hackers also attract traffic to malicious websites by sending a link through spam or spim (the analog of spam for instant messaging (IM). So a good advice never follow links in spam is worth remembering once more.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company. The company's R&D department created an innovative technology, which disables the very processes of information capturing -- keylogging, screenshoting, etc. It makes the company's anti-keylogging software truly unique: it doesn't detect keyloggers or information-stealing Trojans one by one -- they all simply can't work.

Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

pen paper and inkwell

cat break through

Eliminate Adware and Spyware

Everyone should eliminate spyware and adware from your hard drive... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

Virus Nightmare..Lessons Learned

I got a virus the other day, Thursday I believe... Read More

Pharming - Another New Scam

Pharming is one of the latest online scams and rapidly... Read More

8 Surefire Ways to Spot an E-Mail Identity Theft Scam!

The E-Mail Identity Theft Scam is running Rampant. These E-Mail... Read More

Spyware Symptoms

Spyware symptoms happen when your computer gets bogged down with... Read More

Arming Yourself Against Spyware

While clicking from site to site on the internet you... Read More

A New Low

A new variation of the Nigerian Scam theme ... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Preventing Online Identity Theft

Identity theft is one of the most common criminal acts... Read More

The Truth About Hiding Your Tracks on the Internet

Ok, ok, I know you've seen them. All those pop... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

With the Rise of Internet Crimes, Users are Turning to High-Tech ?PI?s? for Solutions

High-tech private investigators are becoming the answer for many Internet... Read More

Be Aware of Phishing Scams!

If you use emails actively in your communication, you must... Read More

How to Fight Spyware

If you are wondering how to fight spyware for safe... Read More

Firewalls: What They Are And Why You MUST Have One!

A firewall is a system or gateway that prevents unauthorized... Read More

New Mass Mailing Spamming Internet Trojan for the Windows Platform

May. 16th 2005 - MicroWorld has reported the discovery of... Read More

Is Your Music Player Spying On You?

In today's times spyware is a very serious issue and... Read More

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

Data Security; Are Your Company Assets Really Secure?

Is your data secure? Think again. Securing data is unlike... Read More

Spyware Protection Software

Spyware protection software is the easiest way of removing spyware... Read More

Top Spyware Removers Considerations

Only the top spyware removers are successful at detecting and... Read More

Dont Fall Victim to Internet Fraud-10 Tips for Safer Surfing

The Internet offers a global marketplace for consumers and businesses.... Read More

Make Money Online - Defend Against The Latest Scam

First, let's do a little recap'. As I stated in... Read More

Phishing - Identity Theft & Credit Card Fraud

What is Phishing? Phishing is a relatively newly coined term... Read More

How Spyware Blaster Can Protect Your Computer From Harm

By browsing a web page, you could infect your computer... Read More

What is Spyware?

The most frustrating part of having Spyware on your computer... Read More

Password Security and Safety

There is nothing more important that password security in world... Read More

Online Shoppers, Beware of a New Scam

Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More

Personal Firewalls - Secure Your Computer

There has not been a time in the history of... Read More

Spyware Removal

Spyware SolutionProbably Today's Biggest Computer Problem. You Suffer Without Knowing... Read More

Spyware is Not Like a Nosy Neighbor

Remember the television show about the nosy neighbor Mrs. Kravitz... Read More

Dont be a Dork ? Protect Yourself

There are folks out there who use their powers for... Read More

dog break through

pen books and inkwell

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Why Corporations Need to Worry About Phishing

Phishing is a relatively new form of online fraud that... Read More

The Bad Guys Are Phishing For Your Personal Information

Do you know what "phishing" is?No, it doesn't mean you... Read More

The Important Steps To Protect Your Kids on the Internet

Internet is the ocean of knowledge. In this ocean you... Read More

Dont Miss Information Because of Misinformation

It has been said that with the wealth of information,... Read More

An Open Door To Your Home Wireless Internet Network Security?

This is not some new fangled techno-speak, it is a... Read More

How to Protect Yourself from Viruses, Spyware, Adware, and Other Nuisances

Spyware/adware is a new major concern for PC users everywhere.... Read More

Dialing Up a Scam: Avoiding the Auto-Dialer Virus

For many, the daily walk to the mailbox evokes mixed... Read More

Are You Surfing Safe?

Ok, you've got a computer, and you get online. You... Read More

Watching the Watchers: Detection and Removal of Spyware

If spyware were a person and he set himself up... Read More

Just Whos Computer is this Anyway?

Well, this is an article I never thought I would... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

Computer Viruses, Worms, and Hoaxes

In recent days, I was one of the unfortunate persons... Read More

Is The Internet Over Regulated

Today's Internet or World Wide Web is being over regulated.But,... Read More

Traditional Antivirus Programs Useless Against New Unidentified Viruses!

Every now and then you can read about a new... Read More

Social Engineering: You Have Been A Victim

Monday morning, 6am; the electric rooster is telling you it's... Read More

8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft

Ebay is a great site and is used by many... Read More

Criminals are Fishing For Your Identity

What is Phishing? In a typical Phishing attack, a criminal... Read More

How to Manage Your Username and Password The Easy and Secure Way

Have been an Internet user for more than 9 years,... Read More

Lets Talk About Antivirus Software!

Nowadays more and more people are using a computer. A... Read More

3 Simple Steps to Stay Safe from Spyware

There are several basic concepts to keep in mind when... Read More

Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge

Is your enterprise following the rules?The bulk of financial information... Read More

Spyware, What It Is, What It Does, And How To Stop It

Spyware is software that runs on a personal computer without... Read More

Internet Scams: Dont be a Victim

As the number of people using the Internet as an... Read More

Identity Theft ? Beware of Phishing Attacks!

"Dear Bank of the West customer", the message begins. I've... Read More

A Painless Plagiarism Solution

A crowded marketplace can lead to unethical webmasters using underhand... Read More

Top Five Online Scams

The top five online scams on the Internet hit nearly... Read More

Securing Your Accounts With Well-Crafted Passwords

In the past I've never really paid much attention to... Read More

Is Spyware Watching You?

Imagine my surprise when I received a phone call from... Read More

How To Prevent Spyware Attacking Your Computer

Spyware is software or hardware installed on a computer without... Read More

Web and Computer Security

Well, if that would have been said to me by... Read More

5 Simple Steps to Protect your Digital Downloads

A couple of days ago, I was searching for a... Read More

The Never Ending Spyware Story

It's been with us since 1993, it's gotten more intrusive,... Read More

Access Info Hub | Privacy Policy | Contact |

FTC Required Website Disclosure: You should assume that the Owner of this Website has an affiliate relationship and/or another material connection to the providers of goods and services mentioned in this website and may be compensated when you purchase from a provider. You should always perform due diligence before buying goods or services online. The Owner does not accept payment or merchandise in exchange for the reviews themselves. They are written objectively and with honesty.

Amazon Affiliate Disclaimer: AccessInfoHub.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.

Phishing, Fraudulent, and Malicious Websites

Internet Security