Phishers Use Look-alike Web Sites
Phishing scammers design web sites purposefully
to look like well-know web sites, to take advantage of typing errors. to
draw unsuspecting users.
There is a site just one letter different than
Google.com that when accidentally visited, puts malicious software on
users' PCs. Visitors who stumble on the site by mistyping google.com are
immediately presented with two pop-up windows linked to sites that in turn
load executable files exploiting several Windows vulnerabilities. Soon the
user’s computer has been infected with four Trojans, that steal
bank-related information, and install more malware.
Several pieces adware are added to the user’s
computer. The Trojans cause connections to not be made to anti-virus
firms' update sites. Some Trojans cause pop-ups to appear on the screen
that scream "VIRUS ALERT! YOUR PC IS INFECTED!" The fake alert
includes a link to a site from which users can download various anti-virus
and anti-spyware programs.
Phishers try to re-route people to malicious
Web sites. Misspelled domains are often used. Pornographers were among the
first to adopt the tactic of registering domains that are slightly off
legitimate sites' spelling, or play off confusion between .com and .gov.
Phishers and spyware people will try anything to get victims to sites to
steal identities or install malicious software. Phishing is much more
common than anyone believes. There's a tremendous amount of it that's
going unreported. People don’t know their computer has been phished until
it is too late, and their identity is stolen. |