Like it or not, the Internet brings us not only benefits, but also some bad things. Of course, it does that not by itself, but with ‘help’ from criminals, a big number of which are scammers, often referred to as phishers. These criminals make fake web sites that mimic the official pages of companies and brands, which you can land on after receiving an email containing a fake URL and then proceeding to give your login and password, or even some financial credentials.
Protecting yourself from such kinds of threats isn’t very difficult: all you need is a decent protection software and your own vigilance, based on some knowledge about how these fake sites differ from original ones and from where scammers get their ideas. We have a number (http://blog.kaspersky.com/fifa-malware/) of posts (http://blog.kaspersky.com/fake-sites-apr1/) about the first item, but we have yet to tell you about the second one. So let’s do it right now.
There’s just one major thing you need to know: if the topic is hot, then chances are it will be used by scammers. The best way to know which topics are trending is to read and watch news, as all those Internet crooks tend to do the same. Let’s go through some examples.
FIFA World Cup
Thanks to this sporting event, our inboxes were full of spam messages with links to fake sites (predictions, tickets, tips and any kinds of sweepstakes), which were designed to attract soccer fans from all around the world. Attackers always follow major sporting events and FIFA World Cup was no exception. Scammers were trying hard to make some easy money and, unfortunately, sometimes they succeeded.
Sometimes they go even further: during the World Cup in Brazil, phishers made a number of perfectly made sites which even experienced people couldn’t identify as fakes. The trick was based on registering domains that mentioned popular local brands including banks, shops, etc. Moreover, scammers managed to get proper SSL-certificates (http://blog.kaspersky.com/digital-certificates-https/) which were given by legitimate companies like, Comodo, EssentialSSL, Starfield, Register.com and others. Thus even the most cautious people were fooled by these sites and dell into the criminals’ trap.
Here’s an example of such a site using Cielo brand, which is owned by a Brazilian Visa representative:
Any trusted brands can be used. Here’s another example of a fake site using the MasterCard logo:
And here’s a page utilizing a photo of famous Brazilian TV presenter, Rodrigo Faro:
So how can you recognize fake sites and domains like these? It can be far from simple, especially if you have no idea how the original page or domain looks. That’s why it makes sense to use special software to prevent you from visiting fake Internet resources, and it’s even better if that software works in a proactive way, like the new Kaspersky Internet Security (http://www.kaspersky.com/multi-device-security) which blocks fake domains before scammers will activate its malicious content.
Phishers are smart and tricky, but there's always a way to find out where their traps are.Tweet
Big political and social events
Once any political, social or even military actions start to happen, various sites and posts on social networks instantly appear, trying to raise some money for a group, party, team, or just individuals. But nobody knows who is actually getting all this money in the end, and the worst thing here is you could never find out where your money will go after you finish the transaction. The only right way to act in such situations is to not give any money to anyone, unless you know this individual personally and/or have a chance to ensure your money will reach the right place or person. Earthquakes, floods and other cataclysms are examples of events that attract vast numbers of scammers. Unfortunately, the money raised by these guys will never go to those who really need it. So it’s always a good idea to Google the URL, or the name mentioned in a message, and check if it’s a scam or not.
Reading news and double-checking everything before giving your money to anyone, and having a trusted protection software is a necessary habit that will significantly reduce the list of phishers and scammers who want to make some profit off of you.