A recent study shows that organized criminals create approximately 8,000 malicious websites every day, or over 57,000 each week.
These malicious websites model legitimate websites that we visit every day, such as bank websites, online shopping sites, and eBay. According to this study, the most frequently impersonated companies include Visa, Amazon.com, PayPal, HSBC, and the United States Internal Revenue Service.
People are typically directed to these scam sites in one of three ways:
1. Often, potential victims end up visiting these spoofed websites via phishing scams. Phishing, of course, occurs when you receive an email that appears to be sent from your bank or other trusted entity, and a link in the email brings you to a website that is designed to steal your login credentials.
2. Scammers lure victims to their scam sites via search engines. When a website is created and uploaded to a server, search engines index the scam sites as they would any legitimate site. Doing a Google search can sometimes lead you to a website designed to steal your identity.
3. Social media sites like Facebook and Twitter are free, and this gives scammers an advertising platform. Criminals simply post links in status messages, on group pages, or fan message boards, using the legitimate appearance of the site to gain credibility.
Once a computer user clicks one of these links, he or she ends up on a website that is riddled with malicious software, which may install itself on the victim’s computer even if the victim doesn’t click or download anything on the scam site. This tactic is called a “drive by.” Or, users may be tricked into clicking links to download files. Either way, the ultimate goal is to gather usernames, passwords, and, if possible, credit card or Social Security numbers in order to steal identities.
By understanding how these scams work, PC users can begin to learn what to do while online and, more importantly, what not to do.
Never click on links in the body of an email. NEVER. Always go to your favorites menu or manually type the address into the address bar. This means that you should never copy and paste links from emails, either.
When searching out a product or service, be aware that you could be led to a scam site. A properly spelled web address is one indicator of an established, legitimate site. Try to restrict your business to sites you know and trust. Also, before entering credit card information, look for “https://” in the address bar. This means it’s a secure page and less likely to be a scam.
Just because a link for a tempting deal appears on a popular social networking website doesn’t mean it’s legitimate. I’d shy away from clicking links. Use your common sense. If it seems too good to be true, it is.
Forewarned is forearmed.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Safe Searching on Your Mobile Device
The web and especially the mobile web can be a minefield of malicious links luring you to click, so bad guys can infect your device. Search engines do their best to filter these sites out but nefarious criminals have found ways to get their scammy pages to the top of search through a process called
- Mobile and Phishing – Why It’s More Dangerous
Phishing occurs when scammers send emails that appear to have been sent by legitimate, trusted organizations in order to lure recipients into clicking links and entering login data and other credentials. SMiShing is a version of phishing in which scammers send text messages rather than emails, which, as with phishing emails, appear to have been sent by
- What is Typosquatting?
Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned
- This Holiday Season, Beware of Phantom Websites
A “fly by night” business is one that quickly appears and disappears, without concern for the quality of their product or service, or for legal regulations. These untrustworthy businesses often operate fraudulently. On the Internet, a fly by night business is called a “phantom website.” Phantom websites exist to collect personal and credit card information. They
- 7 Ways to Tell If It’s a Fake
Unfortunately in today’s world, scammers are coming at us from all angles to try and trick us to get us to part with our hard earned money. We all need to be vigilant in protecting ourselves online. If you aren’t paying attention—even if you know what to look for—they can get you. There are numerous ways
Leave a Comment
You must be logged in to post a comment.