Cybercriminals Create 57,000 Fake Sites Each Week
wiredmikey writes "In a recent investigation, it was discovered that cybercriminals are creating 57,000 new 'fake' websites each week looking to imitate and exploit approximately 375 high-profile brands. eBay and Western Union were the most targeted brands, making up 44 percent of exploited brands discovered. Visa, Amazon, Bank of America and PayPal were also heavily targeted by cybercriminals. Banks comprise the majority of fake websites by far with 65 percent of the total. Online stores and auction sites came in at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today."
Sure... (Score:2, Funny)
Re: (Score:3)
Is there a way someone could flood these websites with fake credit card numbers that when the scammers try to buy something with it, they get rickrolled? Like Mr. Douchebag scammer takes his girlfriend out for a nice steak dinner using a credit card he, er, downloaded or something from us, and then he goes to pay for it and the waiter swipes the card, and then the fancy music playing in the background screeches to a stop, and "Never gonna give you up" starts playing, and everyone laughs at him, and his gir
Re: (Score:1)
Re:SteakRolled (Score:2)
It's a piece of ...uh... Steak to do this. The scanner has to have an "invalid #" error code. Then the employee just presses three buttons on the sound system.
As usual, this won't happen for a few years for "social" reasons - until some really snarky hip young-person's bistro in NYC does it.
Re: (Score:2)
There used to be a site, I think it was called phishfigthers, which would do just this. It was just some guys who got pissed off at scammers and set it up: they didn't charge anything. You could go to the site, submit the faked url, and their scripts would test it, and see if it took fake logins/credit cards/social security numbers/etc (fake sites back then typically would just take any crap you typed in, if it fit the regexp, and assumed you typed it in right). If so, they would flood it for a while
Re: (Score:1)
Re: (Score:2)
Still, it's something that these big companies can arrange - it would take something like an hour every morning for an intern to do, and even if it would reduce the uptime of these sites by 10%, it would be worth it.
Re: (Score:1)
By that argument, no laws should ever be enforced because new criminals will appear to replace the old.
Re: (Score:2)
I did wonder whether some kind of "deposit" is the way to go (increase the price of a domain name, but get most of it back at the end of a year so that it costs you the same as now). That'd make domain registrations for these sites more of a burden for them, but it'd also make it more of a burden for people like me who run hobby sites and who don't necessarily have extra money to spare. It'd also just move the "whac-a-mole" game to subdomains instead (which I've seen more than a few of).
Probably not all that hard to do . . . (Score:1)
Re: (Score:2)
Re: (Score:1)
Sweet (Score:2)
I don't use any of the listed services*, I'm not being targeted!
* - Before you ask, yes, except for the IRS. But there's not much I can really do about that one.
Re: (Score:2)
IRS scam (Score:1)
The IRS pretty much doesn't give a shit - they're pretty blasé about it when contacted.
Like everything with the internet:
ALL spam emails are scams. That's what I tell people when they ask about this shit.
Re: (Score:1)
Just remind them that they won't be able to take the money if the other guy already took it.
Re: (Score:1)
I think you are assuming they care. Typically, you owe what you owe, regardless of being robbed. If this means they garnish your wages, they do.
Re: (Score:1)
Re: (Score:1)
Cost? (Score:2)
Re: (Score:2, Insightful)
Oh, I am completely sure that this isn't profitable, because registrars and ICANN would crack down on it immediately, and credit card companies would quickly reverse fraudulent purchases made on these websites, and then pass on the fraudsters' information to law enforcement, allowing them to swiftly shut down these operations.
*jerk-off gesture*
Re: (Score:1)
Unfortunately, U.S. law enforcement does not currently have the jurisdiction to take down an operation based out of, say, eastern Europe.
My credit card company's been pretty quick about those chargebacks, though; maybe you should find a better one?
Re: (Score:2)
If there was a $10 cash in advance initial fee for a domain and a five-day wait before activation...
They will, but how many people ask? Even if 90% of charges fail to stick many of these scams could be profitable. How many people bother to ask that the charge be canceled when it's only $9.0
Re: (Score:2)
$14.74 but yes, I did.
I got it with 4 such charges from two different companies right before the $14.74 credit card scam ring in Spain got nabbed.
I reversed all 4, two from one company stayed reversed but the other two required me to contest, I have no idea how it will turn out.
I don't know exactly where they got my cc number, possibly from a gas station, fast food place or an online training/certification site I spent money on for my now ex-fiance's funeral service study books/national boards exam.
Re: (Score:2)
Every time you use a credit card you should assume that someone in the back room is writing it down. Why? Because it is worth as much as $0.50. So if you are a waiter in a restaurant and can grab 100 credit card numbers a week that is like $50 in your pocket.
If you get caught, well, it wasn't that great a job anyway now was it?
One of my cards gets "borrowed" in this way every year. Sometimes the cards are used for purchases in the US, sometimes not. Sometimes they are for easily cancelled items online,
Re: (Score:2)
Well, they're not really putting the site on a new domain but on some guy's Windows box that's now part of some botnet.
The botnet masters are warring to put up sites and take down sites on other botnet managed systems so that's why there are 57,000 per week.
Since they're linking to images from the real sites, they only need a bit of text also hijacked from the site. The answer is saved in a bit of data which the botnet masters retrieve at their leisure.
I imagine there's some guy in China with a 30" monitor wa
Battle.net (Score:5, Informative)
I'm honestly surprised that battle.net or World of Warcraft didn't make the top 10. Anyone who's been targeted by their phishing mails is probably familiar with domain names like "battle-auth-blizzard.com"
Re: (Score:2)
More often, WoW players are targeted in game, via in game mail, trade chat spam, whisper spam/phishing attempts, and lately on my server, the spammers have actually been running 25+ identically dressed characters into SW and arranging them into URLs and/or gold site names. I don't think I've ever received an actual email that was a WoW related phishing attempt. What amuses me is how broken the English usually is in these attempts, as if people wouldn't clue in that "Blizz SLECT U FROM ALL GAME PLAYS. U WIN
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It's doing wonderful things in PvP like Arenas as well. Lots of PvP folks using hacked clients to move faster, or warp around to get out of line of sight. Fun times.
This nonsense has been going on for over a year now - Blizzard has done nothing.
Re: (Score:2)
I know people who have never even played WoW or have mail accounts that were never associated with WoW who sometimes get onto these phishing mailing lists. You're lucky if your mail accounts are still safe from this spam (or perhaps your ISP or spam filters are just better than mine).
In my experience, the in-game scamming has been greatly reduced to the point where I almost never receive tells. Yet I have one email account that sometimes receives multiple phishing mails per day, including ones for Aion (whi
Re: (Score:2)
So far there appear to be no shortage of stupid and ignorant people.
Re:Battle.net (Score:4, Interesting)
Re: (Score:2)
I just forward them all unread to hacks@blizzard.com .
If you can't be bothered to read your own mail, why would they? Chances are, they know about the problem anyway.
Re: (Score:1)
Because Blizzard asks their playerbase to forward these e-mails for verification, and to help them locate the bogus sites and get them shut down. I'm getting these myself (although my B.net account is now on a different e-mail address), and they all have different bogus websites. While they know there's a problem, they still need to know where the new problems are.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Not just Blizzard, also NCsoft. I got one yesterday morning with http://www.aion-account-ncsoft.com/ [aion-account-ncsoft.com] (already submitted and seems to be down now) for Guild Wars 2 beta. http://www.urlvoid.com/ [urlvoid.com] only showed two of them when it checked yesterday morning, and still is two today. These sites come fast and go fast. :(
Just goes to show you... (Score:2)
around 6% (Score:2)
Assuming a "site" == new domain, that would give us roughly 6%* of the registered domains per week are used for phishing...
Curious what the percentage is for porn sites
* using these statistics. [domaintools.com]
Re: (Score:2)
93.9%?
Is someone working on fixing this? (Score:4, Insightful)
Re: (Score:2)
Re: (Score:1)
Anytime someone registers something like www.paypal-loginweb.com it should be setting off red flags everywhere.
I'm not saying these domains should be shut down automatically or anything, but they should be flagged for review every few weeks and it might not be a bad idea to ask a few questions either.
The fact is that many registrars have worked so hard to lower costs that they cut out the basic checks that would have caught these kinds of domains.
Sure it would never stop someone from setting up a phishing si
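The kind of review flag the comment above describes, as an added example that is not part of the thread: a Python sketch that queues newly registered hostnames for human review when they embed a brand name outside that brand's own domain. The brand list, official domains, lure words and function names are assumptions; the first three sample hostnames are the ones quoted in comments on this page, the rest are constructed controls.

```python
import re

# Assumed watch list: brand names from the thread mapped to their official
# registrable domains (the domain sets are assumptions for this example).
BRANDS = {
    "paypal": {"paypal.com"},
    "ebay": {"ebay.com"},
    "blizzard": {"blizzard.com", "battle.net"},
    "ncsoft": {"ncsoft.com"},
}
LURE_WORDS = ("account", "auth", "login", "secure", "verify")  # assumed list
NEAR_COM_TLDS = {"co", "cm"}  # one dropped character away from .com


def registrable(host):
    """Naive 'last two labels' rule; production code needs the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def review_reasons(host):
    """Return the reasons a hostname should be queued for review (empty if none)."""
    host = host.lower().rstrip(".")
    if any(registrable(host) in official for official in BRANDS.values()):
        return []  # the brand's own domain or a subdomain of it
    tokens = [t for t in re.split(r"[.-]", host) if t]
    if not tokens:
        return []
    name_tokens, tld = tokens[:-1], tokens[-1]
    reasons = ["brand:" + b for b in BRANDS if any(b in t for t in name_tokens)]
    if not reasons:
        return []
    reasons += ["lure:" + w for w in LURE_WORDS if any(w in t for t in name_tokens)]
    if tld in NEAR_COM_TLDS:
        reasons.append("tld-near-com")
    return reasons


def review_queue(hosts):
    """Map each flagged hostname to its reasons; unflagged names are omitted."""
    flagged = {h: review_reasons(h) for h in hosts}
    return {h: r for h, r in flagged.items() if r}


# Hostnames quoted in the thread, plus constructed controls.
SAMPLE = ["www.paypal-loginweb.com", "battle-auth-blizzard.com",
          "www.aion-account-ncsoft.com", "www.paypal.com", "us.battle.net",
          "paypal.com.example-host.net", "example.org"]

if __name__ == "__main__":
    for host, reasons in review_queue(SAMPLE).items():
        print(host, reasons)
```

A flag here means "look at this registration", not "take it down": substring matching on short brand names will also catch unrelated words.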
sure... (Score:5, Insightful)
Wouldn't a good next step be to eliminate domain registrars that allow these sorts of sites to get created in the first place?
I agree whole-heartedly that something should be done about the crooked and complacent registrars. The problem is, who should take the action? The most logical step is ICANN, since they handle registrar accreditation, except they have shown repeatedly that they will not take any meaningful steps. And of course, ICANN only does accreditation for registrars of the largest TLDs (for now), so anything from another country's list of TLDs is beyond their jurisdiction (and soon pretty much everything will be beyond their jurisdiction).
So if ICANN won't do it, who then should? It is pretty well impossible to take legal action against the registrars and expect anything meaningful to come of that, so unless you want to advocate vigilante justice you're just SOL.
Ideas... (Score:1)
1. Currently most DNS records have Time to Live of a few days to a week. I would expect that servers of secure sites would want much longer times than this. Clients then know that certain servers are to be connected at specific addresses, and bring up an alarm when the last IP of record for server.foobank.com has changed.
2. I'm always suspicious when any web site makes reference to a server outside of its own domain. Is this not also a place that responsible secure servers could take a step. Couple t
Snakes (Score:5, Funny)
Slow down everyone. No one would argue that ASP.net sites aren't bad, but calling them criminal is a bit much.
Comment removed (Score:3, Insightful)
Re: (Score:2)
Interesting. How much would I have to pay for one of these "marketing fearmongerings"?
Re: (Score:1)
The same amount you would have to pay for a piece of software from one of these security firms that can solve the fraudulent domain registration problem.
You can thank your favorite registrars there... (Score:2, Insightful)
If our good friends at IC
Re: (Score:3, Insightful)
Which is why some Government agency and not ICANN should be administering the domain names, or at the least some governing body with members posted from each of the major nations on the net or something.
Re: (Score:1, Flamebait)
Which is why some Government agency and not ICANN should be administering the domain names, or at the least some governing body with members posted from each of the major nations on the net or something.
That wouldn't be nearly profitable enough for anyone's palate. And getting an agreement on domain name registration terms between the larger nations on the net would be a cat-herding exercise at best, to say nothing of the massive unpopularity in the US regarding any actions that resemble uniting nations.
Re: (Score:3, Insightful)
Because there is no chance at all that government would misuse control of DNS...
Stupid or ugnorant (Score:2)
Stupid, or otherwise concerned (Score:4, Interesting)
The thing with social hacks, and a lot of things that script kiddies/hackers/maladjusted people do is... well, the "hackers" think of themselves as great for accomplishing this great feat of breaking into someone's property or outwitting them. It's like a kid jumping over a picket fence into someone's garden, and making a big deal because they broke through the guy's defenses. What they don't realise is that the guy with the picket fence has better things to do than mess up his front yard building impenetrable defenses, just to protect against the slight chance that you might mess up their grass. The average person just doesn't care about security, the way IT pros do. And in most cases, that's a fairly sane way to prioritise. This is only a problem in two ways:
* banks, e-commerce, and a few other kinds of site with sensitive data have a responsibility to protect confidential information. In this case, the site operators need to step up their game, but they usually know that.
* insignificant servers can be used to launch attacks on sites/systems that matter. But that's more of a problem for IT pros, not the insignificant sites.
Re: (Score:1)
The average person cares after they've had their bank account emptied 3 times despite their best efforts to fix it.
Re: (Score:1)
don't forget lazy
Poor security comes from early no security (Score:3, Interesting)
I always think of the recollections in Levy's "Hackers" when the early days' programmers at Berkeley and MIT would insist security was only for fascists and even balked at passwords for accounts. Computer security will probably never catch up because it was never a focus at the start. What's always among the first things now when making a new software package but how to segment permissions, etc, but that's always on a system whose underlying base has security issues. Sigh, dang hippies!
Ebay! (Score:1)
>with eBay taking the spot as the No. 1 most targeted brand on the Web today
That's why I will never use Ebay again, as I have kijiji right now...
Re: (Score:2)
Now that we've got .co? They've been around for ages as the [url=http://en.wikipedia.org/wiki/.co]TLD for Colombia[/url], what with it being the nation's [url=http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2]ISO standard code[/url]. Ditto for .cm, which is the [url=http://en.wikipedia.org/wiki/.cm]TLD for Cameroon[/url] and also only one missed character off a .com. It's just because people like Twitter have started using them to be one character shorter on the extension and with shorter domains (since singl
Re: (Score:2)
D'oh! Stupid HTML vs BBCode confusion.
Now that we've got .co? They've been around for ages as the TLD for Colombia [wikipedia.org], what with it being the nation's ISO standard code [wikipedia.org]. Ditto for .cm, which is the TLD for Cameroon [wikipedia.org] and also only one missed character off a .com. It's just because people like Twitter have started using them to be one character shorter on the extension and with shorter domains (since single letters aren't allowed in .com any more) that they're becoming more visible.
Grammar, please (Score:1, Insightful)
419 I am Austin Powers (Score:1)