Tag: Phishing

  • Lookalike web page addresses

    Ever mistype a Web page address? Mistype the URL? Like typing “Gogle” instead of “Google.” Ever click a result from a Google search that looked like the site you wanted but took you to something else? With maybe some scary ads?

    Well, these two articles (links below) are a reminder about this common way criminals seek to trick and exploit us. Much like spoofed phone caller IDs, eh.

    Engadget: Google Chrome will warn you of lookalike URLs

    It’s pretty common for malicious actors to lock down common misspellings of popular sites in attempts to catch people off guard when they make a mistake typing in a URL. Those sites often look like the real thing but are designed to steal a person’s credentials and other information. With Google Chrome’s experimental feature, the browser will present a dropdown panel under the URL bar. The notification draws attention to the fact that the user may be visiting a site they don’t intend to and offers to redirect them to the correct domain. That combined with Chrome’s existing warnings about unsecure sites should hopefully be enough to keep people from falling for scams.

    Wired: Google Takes Its First Steps Toward Killing the URL

    Currently, the endless haze of complicated URLs gives attackers cover for effective scams. They can create a malicious link that seems to lead to a legitimate site, but actually automatically redirects victims to a phishing page. Or they can design malicious pages with URLs that look similar to real ones, hoping victims won’t notice that they’re on G00gle rather than Google. With so many URL shenanigans to combat, the Chrome team is already at work on two projects aimed at bringing users some clarity.

    While enabling these new features is somewhat technical, it’s good to know that Google (among others) is working on ways of making us safer on the Web. These features probably will become standard for general use this year.
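
    A sketch of the kind of lookalike check described above, as an added example that is not part of the original post and not Chrome's actual logic. The allow-list, the digit-to-letter table and the one-edit threshold are assumptions chosen for illustration.

```python
# Added example: flag hostnames that look like, but are not, a known site.
# KNOWN_SITES and the substitution table are assumptions for illustration.
from urllib.parse import urlsplit

KNOWN_SITES = {"google.com", "apple.com", "amazon.com"}  # constructed allow-list
# Digit-for-letter swaps of the "G00gle" kind mentioned in the Wired quote.
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a: str, b: str) -> int:
    """Optimal-string-alignment distance: insert, delete, replace, swap neighbours."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent letters swapped
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def registered_domain(url: str) -> str:
    """Last two labels of the host; a real tool would use the Public Suffix List."""
    host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    return ".".join(host.rstrip(".").split(".")[-2:])


def check_url(url: str, max_distance: int = 1):
    """Return (verdict, matched_site): 'known', 'lookalike' or 'unrelated'."""
    domain = registered_domain(url)
    if domain in KNOWN_SITES:
        return ("known", domain)
    folded = domain.translate(SUBSTITUTIONS)
    for site in sorted(KNOWN_SITES):
        if folded == site or edit_distance(folded, site) <= max_distance:
            return ("lookalike", site)
    return ("unrelated", None)
```

    Look-alike letters from other alphabets are not handled here; that would need a confusable-character table in addition to the digit swaps.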

  • Phishing attacks — fake “Apple” emails

    I’ve noticed these types of scams for a while: email messages (supposedly) from Apple purportedly about a payment or Apple ID or login from another device (which in fact you may not own). More and more email apps (especially on mobile devices) do not permit examination of the raw message text, which often permits detection of the fraud. So, what to do?

    This Vipre Security News blog post (March 16, 2018) is a good summary of the situation: “Apple Phishing Attacks Prompt Advice From Tech Giant.”

    Apple customers don’t get phished quite as much as Microsoft ones, but they do face a fairly annoying variety and frequency of fake emails. The problem stems from the fact that Apple sends emails to its customers quite regularly, thereby making the millions of Apple customers juicy targets for the bad guys.

    There are three basic fake emails going around. The first appears as an email invoice for your “recent Apple purchase.” Another is a “Reminder” notifying you of an account login from an iPad in Monaco. The third, and possibly most alarming, is a text message informing you that your Apple ID is expiring today.

    If you’re not sure whether an email about an App Store, iTunes Store, iBooks Store, or Apple Music purchase is legitimate, these tips from Apple may help.

    As in all phishing scams, these fake messages want you to click on a link or open an attachment (which may include further fake links) and then trick you into providing personal or account information — which (genuine) “App Store, iTunes Store, iBooks Store, or Apple Music purchases will never ask you to provide.”

    Checking or updating any account or payment information should only be done in the Settings on your Apple device.

  • Anti-phishing test results 2017

    If you’re particularly worried about somehow landing on a malicious website while browsing the Internet, then this PC World (August 1, 2017) article “AV-Comparatives’ anti-phishing results for 2017 put Avast, Bitdefender, Fortinet, and Kaspersky on top” may be useful.

    In previous posts, I’ve noted PC World’s summaries of test results by the independent computer security test organization AV-Comparatives.

    All four passing software packages got through the false alarm test without making a mistake. Bitdefender won the top spot for detecting actual phishing sites with a detection rate of 96 percent. Coming up right behind Bitdefender was Fortinet with a 95 percent detection rate followed by Kaspersky and Avast with 93 and 92 percent detection rates, respectively.

    You can check out the full anti-phishing results on AV-Comparatives’ website.

    Some of my clients use free anti-virus (AV) programs. Pros and cons.

    Should I go free or paid for antivirus? But there isn’t a good answer to that question. It really comes down to what you’re willing to put up with. If you just need basic protection then most free antivirus suites are probably fine.

    The best way to use AV-Comparatives’ free vs. paid report is as a reference guide for the 15 services it covers.[1]

    And remember, regardless of your choice for AV, use Malwarebytes Anti-malware also (free or premium version).

     

    [1] The report is available in PDF format here.

    Adaware Antivirus Free
    Avast Free Antivirus
    AVG Antivirus Free
    Avira Free Antivirus
    Bitdefender Antivirus Free Edition
    Comodo Internet Security Free
    Fortinet FortiClient
    Kaspersky Free
    McAfee Cloud AV
    Microsoft Windows Defender / MSE5
    Panda Free Antivirus
    Qihoo 360 Total Security Free
    Sophos Home Free
    Tencent PC Manager
    ZoneAlarm Free Antivirus + Firewall

  • Phishing — what it is and tips

    The May issue of HP’s “Technology at Work” contains some useful information on phishing scams.

    Phishing is the act of posing as a familiar, trustworthy entity in electronic communications and using that familiarity and trust to get recipients to release confidential information, such as passwords and bank account numbers.

    The article summarizes tips to detect these scams.

    • Unusual sender address
    • Unusual URL
    • Lacks personalization
    • Misspellings
    • Urgent action
    • When in doubt
    • (The “What now?”)

    As I’ve noted before, scams do not need to be particularly artful or sophisticated. Just a simple subject like “Alert User ID Suspended” or “Your document is attached” or “Is this your photo” — to make you anxious or provoke your curiosity. Many want you to open an attachment.

    Be safe! And watch out for Mother’s Day scams.

  • Fake Gift Card Surveys — another email scam

    Fake gift card surveys. I’ve seen more of these scams the last month or two. The email messages claimed to be from Amazon with “Amazon Coupons” as the subject. Examination of the messages revealed sender addresses having nothing to do with Amazon. Like from amazon@someothersite.com. Encoded (indecipherable) links in the bodies of the messages went to strange sites. Message bodies contained gibberish.

    These survey scams appear on social media sites as well, e.g., on Facebook. There’s also a CVS survey / coupons scam.

    How can you tell if the message is a scam? Well, there’s the tease itself — something for nothing, eh. If the promotion really was from Amazon, you’d see the offer when logged into your Amazon account. If you impulsively open such a message, at least check any embedded links (you know how to do this, correct?).

    Getting your personal information isn’t the only downside to these scams, as they can involve other bogus offers, malicious Web sites, and malware.

    And regarding malware. It’s not always easy to tell if your PC’s been infected, but this PC World article provides some tips: “Does your computer have malware? Here are the telltale signs.”
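
    The two checks described in this post (a sender address that has nothing to do with the named company, and embedded links that go somewhere else) can be run against the raw message text. This is an added example, not part of the original post; the brand table and the sample message are constructed for illustration.

```python
# Added example: check a raw message for the two tells described in the post.
# BRAND_DOMAINS and RAW_MESSAGE are constructed for illustration.
import re
from email import message_from_string
from email.utils import parseaddr

BRAND_DOMAINS = {"amazon": "amazon.com", "apple": "apple.com"}  # assumption

RAW_MESSAGE = """\
From: "Amazon Rewards" <amazon@someothersite.com>
To: reader@example.org
Subject: Amazon Coupons
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Claim your gift card: <a href="http://survey.example.net/c?id=QUJD">amazon.com/coupons</a></p>
"""


def belongs_to(host: str, domain: str) -> bool:
    """True if host is the domain itself or one of its subdomains."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def inspect_message(raw: str) -> list:
    """Return findings for a message that names a brand it was not sent by."""
    msg = message_from_string(raw)
    display, address = parseaddr(msg.get("From", ""))
    sender_host = address.rpartition("@")[2]
    claimed = f"{display} {address.partition('@')[0]} {msg.get('Subject', '')}".lower()
    # Decode every text part; multipart containers themselves are skipped.
    body = "".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    link_hosts = re.findall(r'href="https?://([^/":]+)', body, flags=re.I)
    findings = []
    for brand, domain in BRAND_DOMAINS.items():
        if brand not in claimed:
            continue
        if not belongs_to(sender_host, domain):
            findings.append(f"sender {address} is not at {domain}")
        for host in link_hosts:
            if not belongs_to(host, domain):
                findings.append(f"link goes to {host}, not {domain}")
    return findings
```

    A message whose From header is forged to show the real domain passes the sender check, so an empty result is not proof that a message is genuine.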