How To Spot New Web Scams?
Fake web pages compromise your privacy, infect your PC and cheat you out of cash, but they can look very convincing. Here we explain how to spot the latest online scams.
Fake confirmation emails
What's the scam?
You receive an email confirming your hotel or flight reservation. Amazon order or a payment made to or from your bank account. Certain that you haven't made such a transaction, you open the attached file for more details, only to be infected by a virus.
What's the danger?
Recent examples of this scam have included particularly nasty attachments. The Sophos Naked Security blog (nakedsecurity.sophos.com) reports that fake booking confirmations for the Atlantic Hotel in Tenby contained the Troj/Agent-AAQY Trojan horse. This is "designed to hijack your Windows computer and give remote access to malicious hackers". Although your anti-virus software should be able to block the malware, there's still a chance it could wreak havoc on your system, especially if it's a relatively new threat.
How can you spot it?
Aside from ensuring that you never open an attachment unless you know what it is, look carefully at the 'received from' details in the message header. This will reveal the real domain the email was sent from (the one that appears in the 'From:' field can be easily faked). To view the header in Outlook.com, click the Actions menu and choose 'View message source'. In Yahoo Mail, go to Actions, View Full Header. In Gmail, click the 'Show details' menu next to the sender's name and check the 'mailed-by' line.
Microsoft Digital Crimes Unit emails
What's the scam?
Like an email version of the Microsoft phone scam, you receive a warning from the Microsoft Digital Crimes Unit that you need to download an important security file. This will supposedly prevent hackers from stealing your online details via a "new vulnerability".
What's the danger?
According to Sophos, the file attached to the email is actually the Troj/Agent-AANA Trojan. This is a vicious virus that will corrupt your Registry, bombard you with pop-ups, redirect web searches, shut down legitimate anti-malware tools and slow down your PC considerably.
Obviously, this isn't a file that the real Microsoft Digital Crimes Unit (www.microsoft.com/dcu), which aims to "put cybercriminals out of business and help keep the global internet community safe-, would be involved in distributing!
How can you spot it?
There are several giveaway signs that this message is a scam, from addressing you as 'Dear Email User' (rather than your name) to its poor spelling and grammar (such as 'there' instead of 'their'). The email also uses the old Microsoft logo, which would be rather embarrassing if it was from the real Digital Crime Unit. Also, Microsoft would never issue a security patch by email, preferring to provide fixes via Windows Updates.
Fake Twitter accounts
What's the scam?
Scammers set up fake accounts for famous people, which quickly attract lots of followers. They then use the account to spread spam and malware. Recently, a fake account for the new Pope, Jorge Bergoglio, attracted more than 110,000 followers, before it was removed by Twitter.
What's the danger?
If you're following a bogus famous person on Twitter, even if you know it's a joke account it's easy to click a link without thinking or knowing where it leads. This can result in your PC being infected by a malicious site, and is particularly common with links that have been shortened using services such as Bitly and Ow.ly.
How can you spot it?
Look for a tick next to the celebrity's name, which confirms that Twitter has verified the account as genuine. You should also install a browser add-on that expands the full web address of short URLs before you open them, such as Tactical URL Expander for Chrome.
For extra protection, SiteAdvisor warns you of dodgy links before you open a suspicious site.
Fake Java updates
What's the scam?
With hackers exploiting holes in Java to spread malware, it's essential to keep the plug-in up to date (or disable it altogether). Unfortunately, cybercriminals are also using Java updates for malicious purposes, setting up sites that tell you to download the latest version, which then infects your system.
What's the danger?
According to TrendMicro, which identified the threat in January (http://bit.ly/14r2mwl), when you install one of the fake updates, it downloads a backdoor virus, which then connects to a remote server and downloads the Trojan Troj_ Ransom.ACV. This locks your screen and attempts to display notifications from websites, although you may just be stuck with a blank page. Because of the sneaky way it installs and behaves, the Trojan can be tricky to remove.
How can you spot it?
Beware of prompts to install Java updates from any website other than the official Java site (www.java.com). If an installation box opens automatically, close your browser immediately. Ironically, TrendMicro found the malicious update on what appeared to be a news site about cybercrime, so be on your guard.
Shocking Facebook videos
What's the scam?
A video appears in your News Feed, apparently posted or 'liked' by a friend. This usually promises some form of salacious content, either involving a celebrity (often in a 'sex tape') or a nubile young lady (or both), or unseen footage of a news event.
What's the danger?
There are several versions of this 'clickjacking' scam, which has been around for several years but has become more prevalent in recent months. At its most basic, clicking the link will spam your friends with the same video, which is annoying for them and embarrassing for you. In other cases, you'll be asked to complete a survey before you can watch the video, which earns the scammer commission and can also trick you into sharing personal information. Worst of all, for the sake of watching a risque video that doesn't actually exist, you'll end up installing malware and spreading it to your friends' accounts, too.
How can you spot it?
Never click any Facebook video, photo or other link that contains the words "shocking", "I can't believe...", "you won't believe..." or similar language. If you accidentally click such a link, and are asked to 'like' or click something else, close Facebook or your browser straight away. The excellent website Facecrooks (facecrooks.com) provides news of all the latest Facebook scams, including many video tricks.
Google Glass pre-orders
What's the scam?
All those who can't wait to get a pair of the web-enabled specs, be aware that they can't yet be ordered. Any site that offers this is a scam.
What's the danger?
Websites fool you into pre-ordering Google Glass, then either steal your bank details or - if you've paid using PayPal - take the money and run. Graham Cluley, senior technology consultant at Sophos, discovered a professional-looking site selling the "magic glasses" for $499.90 plus $49.99 delivery. That's a third of Google's $1,500 asking price, but you'll be losing cash rather than saving it.
How can you spot it?
Graham Cluley noticed that the site was registered to a Brazilian address, didn't use Google Checkout for payment and had been promoted via comment spam, which isn't very Google-like. Google Glass is officially due to go on sale at the end of the year, so hang onto your wallet until then.
Fake confirmation emails
What's the scam?
You receive an email confirming your hotel or flight reservation. Amazon order or a payment made to or from your bank account. Certain that you haven't made such a transaction, you open the attached file for more details, only to be infected by a virus.
What's the danger?
Recent examples of this scam have included particularly nasty attachments. The Sophos Naked Security blog (nakedsecurity.sophos.com) reports that fake booking confirmations for the Atlantic Hotel in Tenby contained the Troj/Agent-AAQY Trojan horse. This is "designed to hijack your Windows computer and give remote access to malicious hackers". Although your anti-virus software should be able to block the malware, there's still a chance it could wreak havoc on your system, especially if it's a relatively new threat.
How can you spot it?
Aside from ensuring that you never open an attachment unless you know what it is, look carefully at the 'received from' details in the message header. This will reveal the real domain the email was sent from (the one that appears in the 'From:' field can be easily faked). To view the header in Outlook.com, click the Actions menu and choose 'View message source'. In Yahoo Mail, go to Actions, View Full Header. In Gmail, click the 'Show details' menu next to the sender's name and check the 'mailed-by' line.
Microsoft Digital Crimes Unit emails
What's the scam?
Like an email version of the Microsoft phone scam, you receive a warning from the Microsoft Digital Crimes Unit that you need to download an important security file. This will supposedly prevent hackers from stealing your online details via a "new vulnerability".
What's the danger?
According to Sophos, the file attached to the email is actually the Troj/Agent-AANA Trojan. This is a vicious virus that will corrupt your Registry, bombard you with pop-ups, redirect web searches, shut down legitimate anti-malware tools and slow down your PC considerably.
Obviously, this isn't a file that the real Microsoft Digital Crimes Unit (www.microsoft.com/dcu), which aims to "put cybercriminals out of business and help keep the global internet community safe-, would be involved in distributing!
How can you spot it?
There are several giveaway signs that this message is a scam, from addressing you as 'Dear Email User' (rather than your name) to its poor spelling and grammar (such as 'there' instead of 'their'). The email also uses the old Microsoft logo, which would be rather embarrassing if it was from the real Digital Crime Unit. Also, Microsoft would never issue a security patch by email, preferring to provide fixes via Windows Updates.
Fake Twitter accounts
What's the scam?
Scammers set up fake accounts for famous people, which quickly attract lots of followers. They then use the account to spread spam and malware. Recently, a fake account for the new Pope, Jorge Bergoglio, attracted more than 110,000 followers, before it was removed by Twitter.
What's the danger?
If you're following a bogus famous person on Twitter, even if you know it's a joke account it's easy to click a link without thinking or knowing where it leads. This can result in your PC being infected by a malicious site, and is particularly common with links that have been shortened using services such as Bitly and Ow.ly.
How can you spot it?
Look for a tick next to the celebrity's name, which confirms that Twitter has verified the account as genuine. You should also install a browser add-on that expands the full web address of short URLs before you open them, such as Tactical URL Expander for Chrome.
For extra protection, SiteAdvisor warns you of dodgy links before you open a suspicious site.
Fake Java updates
What's the scam?
With hackers exploiting holes in Java to spread malware, it's essential to keep the plug-in up to date (or disable it altogether). Unfortunately, cybercriminals are also using Java updates for malicious purposes, setting up sites that tell you to download the latest version, which then infects your system.
What's the danger?
According to TrendMicro, which identified the threat in January (http://bit.ly/14r2mwl), when you install one of the fake updates, it downloads a backdoor virus, which then connects to a remote server and downloads the Trojan Troj_ Ransom.ACV. This locks your screen and attempts to display notifications from websites, although you may just be stuck with a blank page. Because of the sneaky way it installs and behaves, the Trojan can be tricky to remove.
How can you spot it?
Beware of prompts to install Java updates from any website other than the official Java site (www.java.com). If an installation box opens automatically, close your browser immediately. Ironically, TrendMicro found the malicious update on what appeared to be a news site about cybercrime, so be on your guard.
Shocking Facebook videos
What's the scam?
A video appears in your News Feed, apparently posted or 'liked' by a friend. This usually promises some form of salacious content, either involving a celebrity (often in a 'sex tape') or a nubile young lady (or both), or unseen footage of a news event.
What's the danger?
There are several versions of this 'clickjacking' scam, which has been around for several years but has become more prevalent in recent months. At its most basic, clicking the link will spam your friends with the same video, which is annoying for them and embarrassing for you. In other cases, you'll be asked to complete a survey before you can watch the video, which earns the scammer commission and can also trick you into sharing personal information. Worst of all, for the sake of watching a risque video that doesn't actually exist, you'll end up installing malware and spreading it to your friends' accounts, too.
How can you spot it?
Never click any Facebook video, photo or other link that contains the words "shocking", "I can't believe...", "you won't believe..." or similar language. If you accidentally click such a link, and are asked to 'like' or click something else, close Facebook or your browser straight away. The excellent website Facecrooks (facecrooks.com) provides news of all the latest Facebook scams, including many video tricks.
Google Glass pre-orders
What's the scam?
All those who can't wait to get a pair of the web-enabled specs, be aware that they can't yet be ordered. Any site that offers this is a scam.
What's the danger?
Websites fool you into pre-ordering Google Glass, then either steal your bank details or - if you've paid using PayPal - take the money and run. Graham Cluley, senior technology consultant at Sophos, discovered a professional-looking site selling the "magic glasses" for $499.90 plus $49.99 delivery. That's a third of Google's $1,500 asking price, but you'll be losing cash rather than saving it.
How can you spot it?
Graham Cluley noticed that the site was registered to a Brazilian address, didn't use Google Checkout for payment and had been promoted via comment spam, which isn't very Google-like. Google Glass is officially due to go on sale at the end of the year, so hang onto your wallet until then.
0 comments:
Post a Comment