Phishing, Fraudulent, and Malicious Websites

Home
>
Internet Security
>
Phishing, Fraudulent, and Malicious Websites

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living in the Information Age. We have nothing left but adapt to rapidly developing information technology, no matter who we are and what we do for living.

The Internet, in particular, means for us boundless opportunities in life and business ? but also lots of dangers unheard of just a decade ago. We should be aware of these dangers if we want to use the huge potential of the Internet and to avoid the hazards it brings us.

Warning: There are Websites You'd Better Not Visit

Phishing websites

Thanks to authors of numerous articles on this topic, "classic" phishing technique is relatively well known. This scam involves setting bogus websites and luring people to visit them, as a rule, by links in emails. Phishing website is disguised to look like a legitimate one -- of a bank or a credit card company, and users are invited to provide their identifying information. Sites of this kind are used solely to steal users' passwords, PIN numbers, SSNs and other confidential information.

At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of the scam, the less spelling mistakes these messages contained, and the more these fraudulent websites resembled legitimate ones. Phishers are getting smarter. They eagerly learn; there is enough money involved here to turn criminals into earnest students.

Keyloggers and Trojans

Since about November 2004 there has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at the background until the user of the infected PC visits one of the specified websites. Then the keylogger comes to life to do what it was created for -- to steal information.

It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on the rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.

Fraudulent websites are on the rise

Websense Security Labs -- a well-known authority in information security -- noticed a dramatic rise in the number of fraudulent websites as far back as in the second half of 2004. These sites pose as ones for e-commerce; they encourage users to apply for a reward or purchase something, of course never delivering the product or paying money. The most popular areas for such fraud are online pharmacies, lottery scams, and loan / mortgage sites. Experts predict there will be more fake merchants in future and their scams will become more sophisticated.

A Hybrid Scam

In April Panda Software warned Internet users of a new particularly brazen scam aimed at stealing confidential information. The technique used here looks like a hybrid between phishing and a fraudulent website.

Panda Software identified several websites offering cheap airline tickets which in fact weren't selling anything; the aim was to cheat users out of credit card details.

This scam is very simple; the thieves simply wait until some unsuspecting user who is searching for, say, airline ticket offers, finds their site offering dirt-cheap airline tickets. Really pleased with himself and looking forward to the trip, the user fills in the form, entering his credit card number, expiry date and verification value (CVV).

As soon as these details have been entered, an error page appears; it tells the user that the transaction has been unsuccessful, and offers instructions on how to pay for the ticket by postal money order. So the user may well be fooled twice. He loses his credit card details, putting them right into the hands of cyber-crooks, and then loses money, if decides to buy the ticket by money order.

Of course, these sites have already been disabled, but who knows whether (or better to say when) other ones will appear again, this time offering all kinds of products.

Malicious websites are especially dangerous. Cybercriminals create them exclusively to execute malicious code on the visitors' computers. Sometimes hackers infect legitimate sites with malicious code.

Bad news for blog readers: blogs can be contaminated, too. Since January, Websense Security Labs has discovered hundreds of these "toxic" blogs set by hackers.

When unsuspecting users visit malicious sites, various nasty applications are downloaded and executed on their computers. Unfortunately, more and more often these applications contain keyloggers--software programs for intercepting data.

Keyloggers, as it is clear from the name of the program, log keystrokes --but that's not all. They capture everything the user is doing -- keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on the screen) ? so the information is captured even if the user doesn't type anything, just opens the views the file.

In February and March 2005, Websense Security Labs researched and identified about 8-10 new keylogger variants and more than 100 malicious websites which are hosting these keyloggers EACH WEEK. From November of 2004 through December 2004 these figures were much smaller: 1-2 new keylogger variants and 10-15 new malicious websites per week. There is by all means a disturbing tendency--the number of brand-new keyloggers and malicious website is growing, and growing rapidly.

What a user can do to avoid these sites?

As for phishing, the best advice is not to click any links in any email, especially if it claims to be from a bank.

Opening an attachment of a spam message can also trigger the execution of malicious program, for example a keylogger or a keylogger-containing Trojan horse.

As for fraudulent websites, maybe buying goods only from trusted vendors will help -- even if it is a bit more expensive.

As for malicious websites? "Malicious websites that host adult entertainment and shopping content can exploit Internet Explorer vulnerabilities to run code remotely without user interaction."(a quote from the Websense's report). What can a user do about it? Not much, but avoiding adult sites and buying only from known and trusted online stores will reduce the risk.

Hackers also attract traffic to malicious websites by sending a link through spam or spim (the analog of spam for instant messaging (IM). So a good advice never follow links in spam is worth remembering once more.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company. The company's R&D department created an innovative technology, which disables the very processes of information capturing -- keylogging, screenshoting, etc. It makes the company's anti-keylogging software truly unique: it doesn't detect keyloggers or information-stealing Trojans one by one -- they all simply can't work.

Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

pen paper and inkwell

cat break through

A Personal Experience with Identity Theft

Some months ago, before there was much publicity regarding phishing... Read More

Secure Your PC From Hackers, Viruses, and Trojans

Viruses, Trojans and Spyware: Protecting yourself.No user on the internet... Read More

Online Shopping: 10 Tips For Safe Online Shopping

Have you ever bought a product or service from the... Read More

Virus Nightmare..Lessons Learned

I got a virus the other day, Thursday I believe... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

Reclaim Your PC from the Internet Spies

Viruses are, however, not the only malicious software programs out... Read More

7 Ways to Spot a PayPal Scam E-Mail

Paypal is a great site and is used by many... Read More

Protecting Your Home Both Inside and Out

If you are a parent, you have probably wondered at... Read More

Viruses, Trojans, and Spyware - Oh My!

Have you ever had to call Symantec or McAfee to... Read More

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living... Read More

Internet Scams: Dont be a Victim

As the number of people using the Internet as an... Read More

How Can Someone Get Private Information From My Computer?

From the "Ask Booster" column in the June 17, 2005... Read More

Spyware Programs Are Out To Get You!

The average computer is packed with hidden software that can... Read More

3 Simple Steps to Stay Safe from Spyware

There are several basic concepts to keep in mind when... Read More

Watching the Watchers: Detection and Removal of Spyware

If spyware were a person and he set himself up... Read More

How to Protect Your Child from the Internet

When the Internet first came about, it was realized it... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Computer Viruses - How to Remove a Computer Virus from Your Computer

Computer viruses infect millions of computers every day. Viruses can... Read More

Social Engineering - The Real E-Terrorism?

One evening, during the graveyard shift, an AOL technical support... Read More

Identity Theft Offline -- So Many Possibilities

Chris Simpson, head of Scotland Yard's computer crime unit was... Read More

Hacking the Body Via PDA Wireless Device

First I would like to stress I am condoning the... Read More

Detect Spyware Online

You can detect spyware online using free spyware cleaners and... Read More

HackAttack

P C. owners are constantly at risk from attacks by... Read More

Protecting Your Children On The Internet

If you are a parent, as am I, I think... Read More

Beware of Imitations! Security, Internet Scams, and the African Real Estate Agenda

Fishing on the Internet has come a long way. However,... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

Anti-Spyware Protection: Behind How-To Tips

There is no doubt that "how-to articles" have become a... Read More

Ransom Trojan Uses Cryptography for Malicious Purpose

Every day millions of people go online to find information,... Read More

The Saga of the Annoying Adware

When we think of adware, what comes to mind are... Read More

3 Steps to Ending Scams and Virus Problems

Watching how the traditional media covers the latest virus or... Read More

Spyware ? Your Web Browser is the Culprit!

My first experience with a spyware BHO based infection was... Read More

Firewall Protection - Does Your Firewall Do This?

The first thing people think about when defending their computers... Read More

New CipherSend Online Security Service Thwarts Email Address Theft And Soothes Password Fatigue

In 1997, I decided after 15 years as a practicing... Read More

dog break through

pen books and inkwell

Is Your Email Private? Part 1 of 3

In a word, no - an email message has always... Read More

Avoiding Scams: If It Sounds Too Good to Be True, It Probably Is

A week or so ago, I received an inquiry from... Read More

How To Be Your Own Secret Service Agency

So you want to know who your kids are chatting... Read More

Make Money Online - Latest Scam Disclosed

Before we start, I want to make it clear that... Read More

Breaking Into Your PC: News...

You'd better learn news from media, not from emails, security... Read More

Phishing - A High Tech Identity Theft With A Low Tech Solution

Have you ever got an email asking you to confirm... Read More

How Free Scripts Can Create Security Problems

With the Internet entering our lives in such an explosive... Read More

Top Spyware Removers Considerations

Only the top spyware removers are successful at detecting and... Read More

Message Board Security Problems

Security leaks can be a big problem for any site... Read More

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

An Open Door To Your Home Wireless Internet Network Security?

This is not some new fangled techno-speak, it is a... Read More

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living... Read More

Identity Theft - Dont Blame The Internet

Identity theft ? also known as ID theft, identity fraud... Read More

Top Five Online Scams

The top five online scams on the Internet hit nearly... Read More

Is My PC Vulnerable on the Internet?

No longer are viruses the only threat on the internet.... Read More

6 Ways To Prevent Identity Theft

These six ways to prevent identity theft offer you valuable... Read More

Phishing ? Its Signs and Your Options

Phishing is the act of some individual sending an email... Read More

I Spy...Something Terribly Wrong (In Your Computer)

This really chapped my lips...I recently bought a new computer.... Read More

The Risk Of Electronic Fraud & Identity Theft

Electronic Fraud and Identity Theft Human beings are pretty... Read More

Phishing - Learn To Identify It

Phishing: (fish'ing) (n.)This is when someone sends you an email... Read More

Why you Must Secure your Digital Product and Thank You Web Page

A couple of years back, I paid my dues the... Read More

Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used... Read More

Protecting Your Children On The Internet

If you are a parent, as am I, I think... Read More

Is That Free Stuff Like An iPod Or Desktop Computer Really Free?

Have you seen the web site, www.freestuff.com? Or have you... Read More

8 Surefire Ways to Spot an E-Mail Identity Theft Scam!

The E-Mail Identity Theft Scam is running Rampant. These E-Mail... Read More

Website Security - Creating a Bulletproof Site in 5 Easy Steps

When it comes to a secure website and passwords it... Read More

Internet/Network Security

Abstract Homogeneous symmetries and congestion control have garnered limited interest... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

Computer Viruses - How to Remove a Computer Virus from Your Computer

Computer viruses infect millions of computers every day. Viruses can... Read More

Lets Talk About Antivirus Software!

Nowadays more and more people are using a computer. A... Read More

Internet Identity Theft - How You Can Shield Yourself

With the advent of the World Wide Web, a whole... Read More

Reporting Internet Scams

When it comes to reporting Internet scams most of us... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through The year is 300A.D.,... Read More

Access Info Hub | Privacy Policy | Contact |

FTC Required Website Disclosure: You should assume that the Owner of this Website has an affiliate relationship and/or another material connection to the providers of goods and services mentioned in this website and may be compensated when you purchase from a provider. You should always perform due diligence before buying goods or services online. The Owner does not accept payment or merchandise in exchange for the reviews themselves. They are written objectively and with honesty.

Amazon Affiliate Disclaimer: AccessInfoHub.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.

Phishing, Fraudulent, and Malicious Websites

Internet Security