Posts

Aquaman, King of the Seven Seas May Also be King of Threats

Wonder Twin powers activate! Shape of a Pterodactyl! Form of an icicle! Watching the Super Friends on Saturday mornings in my pjs while eating sugared cereal for breakfast and reading comic books was the extent of my relationship with super heroes. Ahh… those were much simpler times.

Today kids can find everything they need to know (and more) about their favorite superhero online. And with computers, Internet-connected game consoles and mobile devices all readily available, they can access this information at any time. But now searching for these super heroes may not be all that innocent as just looking for fun facts.

With the resurgence of the superheroes into mainstream movies (think Iron Man, Hulk, Captain America to name a few), hackers are leveraging their popularity to target consumers. Hackers are most successful when they can attract a large number of victims. One way to target big crowds online is to track current events—everything from celebrity meltdowns and natural disasters to holidays and popular music—and now, superheroes.

McAfee reveals the top Most Toxic Superheroes (#toxicsuperhero) that result in the greatest number of risky websites when you search for them online. The research found that searching for the latest “Aquaman and free torrent download,” “Aquaman and watch,” “Aquaman and online,” and “Aquaman and free trailer” yields a 18.6% chance of landing on a website that has tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware.

The study uses McAfee® SiteAdvisor® site ratings, which indicate which sites are risky to search for celebrity names on the Web and calculate an overall risk percentage. The top Superheroes from the research with the highest percentage of risk are:

Aquaman                   18.60%

Mr. Fantastic            18.22%

The Hulk                    17.30%

Wonder Woman       16.77%

Daredevil                   16.70%

Iron Man                    15.63%

Superman                   15.21%

Thor                            15.10%

Green Lantern          15.00%

Cyclops                       14.40%

Wolverine                   14.27%

Invisible Woman      12.40%

Batman                       12.30%

Captain America        11.77%

Spider-Man                 11.15%

Here’s some tips to help you stay safe while searching online (whether it be from your PC or mobile device):

Be suspicious: If a search turns up a link to free content or too-good-to-be-true offers, be wary

Double-check the web address: Look for misspellings or other clues that the site you are going to may not be safe (for more on this, read my blog on typosquattting)

Search safely: Use a safe search plug-in, such as McAfee SiteAdvisor software that displays a red, yellow, or green ratings in search results, warning you to potential risky sites before you click on them

Protect yourself: Use comprehensive security software on all your devices, like McAfee LiveSafe™,to protect yourself against the latest threats

Broadly speaking, this study confirms that scammers consider popular trends when deciding which victims to target. This makes common sense. If hackers are motivated largely by profit, the biggest profits can be wrung from the largest pools of potential victims. And on the web, popular trends and visitor traffic are highly correlated—so be smart and don’t fall into their trap.

Discuss on Twitter using #toxicsuperhero

Robert

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

What is Typosquatting?

Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.

Hackers often create fake websites that imitate the look and feel of your intended destination so you may not realize you’re at a different site. Sometimes these sites exist to sell products and services that are in direct competition with those sold at the website you had intended to visit, but most often they are intended to steal your personal identifiable information, including credit cards or passwords.

These sites are also dangerous because they could download malicious software to your device simply by visiting the site. So you don’t even need to click on a link or accept a download for dangerous code to install on your computer, smartphone or tablet. This is called a drive-by download and many typosquatters employ this as a way to spread malicious software whose purpose is to steal your personal information.

In some cases, typosquatters employ phishing in order to get you to visit their fake websites. For example, when AnnualCreditReport.com was launched, dozens of similar domain names with intentional typos were purchased, which soon played host to fake websites designed to trick visitors. In cases like this, phishing emails sent by scammers spoofing a legitimate website with a typosquatted domain name make for tasty bait.

In order to protect yourself against typosquatters, I recommend you:

Pay close attention to the spelling of web addresses or websites that look trustworthy but may actually be close imitations of the online retailer you are looking for.

Instead of typing the web address into your computer, make sure you have a safe search tool, like McAfee® SiteAdvisor® which comes with McAfee® LiveSafe™ that provides warning of malicious sites in your browser search results.

Don’t click on links in emails, texts, chat messages or social networking sites.

Invest in a comprehensive security solution like McAfee LiveSafe™ service that protects all your devices, your identity and data.

There are more ways to scam people online than ever before. Your security intelligence is constantly being challenged, and your hardware and software are constant targets so make sure you stay educated and use common sense!

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

Typosquatting Scams in Social Media

Typosquatting, or URL hijacking, is a form of cybersquatting that targets Internet users who accidentally type a website address into their web browser incorrectly. When users make a typographical error while entering the website address, they may be led to an alternative website owned by a cybersquatter or criminal hacker.

In a new twist, some typosquatters have begun using these domains to advertise deceptive promotions, offering gift cards or iPads to lure visitors.

“Twiter.com,” for example, redirects all the would-be Twitter users who missed one “t” to http://twitter.com-survey2010.virtuousads.com/survey.html. Notice that this copycat page’s URL begins with “http://twitter.com,” but clearly is not part of Twitter. Mistyping “youube.com” or “acebook.com” will send you to similar pages, which are designed to resemble YouTube and Facebook.

This scam benefits affiliate marketers who get paid when users click links and fill out forms. The shadiness of these sites, and the misleading techniques of their operators, indicates that any information you provide will most likely be misused, leading to annoyance and possibly fraud.

Typos are a common occurrence with no solution. But users who do find themselves on one of these alternate pages need to check the address bar and use common sense. Familiar colors, fonts, and logos may imply that you’re at the right website, but pay closer attention to be sure you’re not heading down a rabbit hole of spam and scams.

With more than 11 million victims just last year, identity theft is a serious concern. McAfee Identity Protection offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your financial accounts. Please educate and protect yourself by visiting www.counteridentitytheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss an identity theft pandemic on CNBC. (Disclosures)

This Holiday Season, Beware of Phantom Websites

A “fly by night” business is one that quickly appears and disappears, without concern for the quality of their product or service, or for legal regulations. These untrustworthy businesses often operate fraudulently. On the Internet, a fly by night business is called a “phantom website.”

Phantom websites exist to collect personal and credit card information. They can appear online any time of the year, but the holidays are prime time. They imitate the look and feel of a legitimate website, and many simply copy the web code from well-known online retailers, right down to the names and logos. They may also purchase domain names that resemble those of legitimate retailers, “typosquatting” to take advantage of mistyped searches.

Criminals may direct you to phantom websites using advertisements, even on major search engines like Yahoo and Google. These links or clickable graphics can either send you to a phantom site, or they may even directly infect your computer with malware.

Hackers and scammers also rely on black hat SEO to get their phantom websites ranked on the first or second page of search results, using the same search engine optimization techniques as legitimate vendors.

However, these scammers also game the system using techniques like “link farms,” “keyword stuffing,” and “article spinning,” which are frowned upon by search engines. Using these techniques to lure visitors will get them banned within a month or two, but that’s plenty of time to establish an online presence and scam plenty of victims.

And of course, phishing is in season all year long. Scammers send emails offering deals too good to be true, in order to draw visitors to their phantom sites. They’ll often take advantage of major holidays and significant world events to create an enticing offer. These emails are designed to trick recipients into entering account credentials, which allows the scammers to take over existing accounts or open new ones.

Protect yourself from phantom websites by only doing business with legitimate online retailers you know, like, and trust. Go directly to their websites, rather than relying on search engines, which may lead you astray. But do use search engines to check out a company’s name and look for ratings sites where customers have posted their experiences with a particular company. If you can’t find anything aside from the company’s own website, be suspicious.

And, never click on links in unsolicited emails. Just hit delete.

Use SiteAdvisor or a similar service to scan for infected links.

And invest in identity theft protection, because when all else fails, it’s nice to have a service watching your back. McAfee Identity Protection includes proactive identity surveillance to monitor subscribers’ credit and personal information, as well as access to live fraud resolution agents who can help subscribers work through the process of resolving identity theft issues. For additional tips, please visit CounterIdentityTheft.com.

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss how a person becomes an identity theft victim on CounterIdentityTheft.com. (Disclosures)

Typosquatting for Fun and Profit

Typosquatting, which is also known as URL hijacking, is a form of cybersquatting that targets Internet users who accidentally type a website address into their web browser incorrectly. When users make a typographical error while entering the website address, they may be led to an alternative website owned by a cybersquatter or criminal hacker.

Typosquatters often create spoofed sites that may have the look and feel of the intended site. Operations like these may actually sell products and services that are in direct competition with the site you wanted to go to or they may be a front to steal your credentials including credit cards or social security numbers. Examples from Veralab might be “leson vs. lesson” or extra double characters such as “yahhoo vs. yahoo” or wrong character sequencies such as “IMB vs. IBM”, or a wrong key pressed such as “fesex vs. fedex.”

In some cases the typosquatters employ phishing to get you to visit the site. Phishing of course is the criminally fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Typosquatting and phishing go hand in hand.

SC Magazine reports “in most cybersquatting cases, the web address can be similar in appearance to the actual corporate site, but will instead contain pay-per-click advertisements, according to a 2007 McAfee report, which studied 1.9 million typographical variations of 2,771 of the most trafficked websites.”

Last year Scammers created a website imitating Twitter.com called tvvitter that’s t-v-v-itter, cute huh? They sent phishing emails to millions of users, many of whom clicked on the link contained within the emails, which sends them to the phishing site, where they enter their user names and passwords in order to log in.

When doing a search online look carefully at any links you click.

When typing in a browser, before hitting “enter” look at the address bar to confirm you spelled it properly.

Do business with e-tailers you are familiar with and carefully spell their domain.

Set up your favorites menu with your most visited sites.

So heads up, be careful out there and don’t get hooked.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures.

Identity Theft Expert; Cybersquatting Leads to Fraud

Robert Siciliano Identity Theft Expert

Ever click on a link from an email or while surfing and something just wasn’t right? The domain name in the address bar looked like a letter or two off? A misspell? Maybe it had a number tossed in there for good measure? This is either cybersqautting or typosquatting and its a problem.

Cybersquating is the act of procuring someone elses trademarked brand name online as a dot com or any other US based extension.

Cyber squatters squat for many reasons including impostering for fun, hoping to resell the domain, using the domain to advertise competitors wares, stalking, harassment or outright fraud.

Grabbing someone’s given name is also a form of cybersquatting and is happening in social networks and on Twitter. Twitter is affected by Twittersquatting where peoples names and an estimated top 100 brands have been hijacked.

There are also bunches of Kevin Mitnicks ( hacker) on Facebook that even prevented the Gent from accessing his own Facebook account. Facebook fixed the problem after Mitnick rightfully bitched then CNET made a call. Then Facebook listened. Facebook said “We are very aggressive in fostering and enforcing our real name culture and sometimes we make mistakes. But it’s rare, and it’s been fixed.”

Cybersquatting is also done maliciously for fraud. The Identity Thieves will jack a domain similar to that of a bank and create a spoofed site for phishing. Often if the domain isnt available, then the next best thing is Typosquatting. Annualcreditreport.com was a victim of that. More than 200 domains were snapped up right after the site launched.

This is just one more reason to protect yourself from identity theft.

Back in the day, I was accused of cybersquatting! Here. I wasn’t I swear! Back in the early 90’s with my IBM PS1 Consultant 3.1 Microsoft operating system and a rockin 150mb hard drive, I bought me up some domains as well. Some that I sold, others I regrettably gave up and one that will haunt me till the day I die.

I owned LEDZEPPELIN.com for about 5-6 years. Led Zeppelin then and now is my band, and as a fan I bought the domain as a keepsake. I would get emails from people globally like “I am Paulo from Brazil, I love the Led Zep!”

Then when Clinton passed a law later making cybersquatting illegal, I knew it was a matter of time. I had it for 5 years before anyone from the bands team of lawyers approached me on it. And when they did I didn’t know how to handle it. And my lawyer at the time even less so. Ultimately I gave it up without a fight on my part, but I’m sure the bands lawyers billed them for the 1 inch thick book of a lawsuit I was served with. Sorry dudes. My bad.

In this case the lawyers saw an opportunity to build a case against me, a fan that would have been happy with a stupid guitar pick from Jimmy. Instead I sat in silence for a year while they built a huge case as to why they should own the domain. When served, I freaked and called them yelling to take it, I never wanted that.

One of few regrets. But I have a nice 1 inch thick book about me and the band and why I’m an idiot.

Anyways back to cybersquatting. A recent report from the NY Times sourced MarkMonitor, a domain name seller and company that protects brands names from misuse, tracked an 18 percent rise in incidence of cybersquatting.

Which means as a brand or individual (or band, eesh) get your name on social network sites or domain name NOW. Then get your kids names as well.

Because they may be Zeppelin famous and have to fight a twit like me.

Robert Siciliano Identity Theft Speaker discussing DNS issues Here

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information