How To Recognise URLs
Understanding URLs is extremely important in avoiding online scams. If there’s only one technical skill you need to know about the internet it’s this, and it will save you being caught out one day.
I’ve limited acronyms to just one (URL) to make it easier to understand.
URL. It doesn’t matter what the letters stand for, it means the address of the web page you go to. You get to see URLs in the top of your web browser. An example of a URL is:
www.fraudo.com
You probably see these every day, every page on the internet has one, and you see links for them every day. This is basically how the internet works.
The only other thing you’ll need to keep in mind for this article is that there are good web pages and bad ones - legitimate sites and scam sites created for various evil purposes.
Now we’ll explain how to recognise a good URL from a bad URL.
I’ve made up two names to demonstrate, and apologies in advance to anyone whose real business name is similar to these (I googled the names and they came up blank so I’m fairly certain they aren’t real business names at the time of writing).
Let’s say a legitimate company is called SomeFancyBank, and that their legitimate website is www.somefancybank.com. It’s the good site. And imagine you have an account with them and a fair bit of money in there.
And let’s say there’s a fraudulent website registered as confusinglookingname.com. So this one is controlled by someone intent on stealing your money, it’s the bad site.
So if you get an email asking you to click on www.somefancybank.com/login.asp you’ll probably feel safe to do so.
If you see a link that looks a little like www.confusinglookingname.com/login.asp you’ll be surprised and you won’t click, it’s a fake website designed to look like the real bank’s site, only they capture your details.
What if the link is www.somefancybank.confusinglookingname.com ? You can see your favourite bank’s name in there so maybe it’s real… Read on, you’ll see why this is definitely illegitimate.
A URL can be broken down into three parts:
1. There’s the stuff at the beginning (often it’s www but doesn’t have to be). And it could be long and could include many dots.
2. Then there’s the domain name (e.g. somefancybank). It’s usually a company name or some other trademark, followed by a .com. There can only be one dot in this part.
3. Then there’s a / followed by a bunch of technical bits. We’re not covering this part in this article. It’s what comes before the / that’s important.
So there are three parts to a URL and we’re only concerned with the first two.
Let’s go straight to some examples (the important bits have been highlighted in bold):
- somefancybank.com/login.php - good
- abcde.somefancybank.com - good
- 123.somefancybank.com/123/456/789 - good
- abc.somefancybank.com/scaryletters/ - good
- confusinglookingname.com/login.php - bad
- 123.abc.zz45xy.confusinglookingname.com/some/fancy/bank - bad
- www.somefancybank.confusinglookingname.com - bad
- www.some.fancy.bank.confusinglookingname.com/somefancybank - bad
- important.clicknow.confusinglookingname.com/some/fancy.bank/login.asp - bad
I’m sure you’re starting to get the idea by now. Now for some trickier examples:
- www.somefancybank.com.au/login.php - bad
- www.somefancybank.com.login.confusinglookingname.com - bad
Let’s leave things simple and end it there.
Humans are good at recognising patterns, so when you see your favourite company name in the URL you might immediately think it’s legitimate. Scammers take advantage of this and deliberately make these links to trick people.
You’ll find these fake links in emails, other web pages, chat programs, etc. They’re everywhere so get used to recognising how they work and you’ll be a lot better off.
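The rule above can also be written as a short program. This is an added example, not code from the original article: it checks the page's own sample links against the made-up bank domain and compares the "I can see the bank's name" habit with a check on what comes before the first /. The function names are hypothetical and the links are the ones listed above.

```python
from urllib.parse import urlsplit

# The page's made-up legitimate domain (the "good" site).
TRUSTED_DOMAIN = "somefancybank.com"

# Links from the page's lists, paired with the page's own verdict (True = good).
PAGE_LINKS = [
    ("somefancybank.com/login.php", True),
    ("abcde.somefancybank.com", True),
    ("abc.somefancybank.com/scaryletters/", True),
    ("confusinglookingname.com/login.php", False),
    ("123.abc.zz45xy.confusinglookingname.com/some/fancy/bank", False),
    ("www.somefancybank.confusinglookingname.com", False),
    ("www.some.fancy.bank.confusinglookingname.com/somefancybank", False),
    ("important.clicknow.confusinglookingname.com/some/fancy.bank/login.asp", False),
    ("www.somefancybank.com.au/login.php", False),
    ("www.somefancybank.com.login.confusinglookingname.com", False),
]


def hostname_of(link):
    """Return the part of a link before the first '/', lower-cased."""
    # Links in emails often omit "http://"; urlsplit only sees a host after "//".
    if "://" not in link:
        link = "//" + link
    try:
        host = urlsplit(link).hostname or ""
    except ValueError:
        # Malformed link: treat it as having no host, so it can never match.
        return ""
    return host.rstrip(".").lower()


def naive_looks_ok(link, trusted=TRUSTED_DOMAIN):
    """The pattern-matching habit: the company name appears somewhere in the link."""
    company = trusted.split(".")[0]
    return company in link.lower()


def belongs_to(link, trusted=TRUSTED_DOMAIN):
    """True only if the host is the trusted domain or ends in '.' + trusted.

    The leading dot matters: the match has to start at a dot, so a longer
    name that merely ends in the same letters is not accepted.
    """
    host = hostname_of(link)
    return host == trusted or host.endswith("." + trusted)


def fooled_links():
    """Links where spotting the bank's name says 'fine' but the real check says no."""
    return [link for link, _ in PAGE_LINKS
            if naive_looks_ok(link) and not belongs_to(link)]


if __name__ == "__main__":
    for link, page_verdict in PAGE_LINKS:
        verdict = "good" if belongs_to(link) else "bad"
        agrees = "matches the page" if belongs_to(link) == page_verdict else "DIFFERS"
        print(f"{verdict:4}  {link}  ({agrees})")
    print("Links that fool name-spotting:", fooled_links())
```
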
Using Unsecured Wireless Networks
Sophos (a large IT security company) recently conducted a survey of 560 people. 54% of them admitted to using someone else’s wireless network without permission. That’s more than half the respondents. Why should you care?
If you have a wireless network that isn’t well secured then:
- Someone could be using your internet account and incurring expenses (or pushing you over a capped limit and effectively slowing down your connection)
- Someone could be illegally downloading copyrighted content (such as using a file sharing program to download commercial movies - it’s illegal and you’re liable for providing the connection)
- Someone could be using your internet connection to commit online crimes (just read the posts on this site to get an idea of how common this is).
- It lets anyone within range bypass your firewall, making your computers and other wireless devices vulnerable. This is especially important if you have wireless in an office environment
- It’s easier for someone to install spyware on your computer, making activities like online banking very dangerous
The most important reason of these is how easy it makes it for someone to use your network to commit crimes. Imagine being involved in a child pornography investigation, or having your internet disconnected because your network was used to send millions of spam emails.
I’ve written before on how to secure a wireless network and if you haven’t done so it’s worth reading through here.
If you’re in the 54% of people who wouldn’t think twice of using someone else’s wireless network without permission then you should know that:
- It’s illegal in a lot of countries (people get arrested for this quite often)
- It’s effectively stealing. It isn’t a victimless crime
- You can’t trust the network you’re using. It’s easy for someone to set up a wireless network in such a way that they can record all the traffic from it. This is one way to eavesdrop on other people’s traffic and to capture passwords
So the message here is to secure your wireless network, and don’t use other people’s wireless networks without permission.
Wireless Network Used in Extortion
An Australian man in Rockhampton has been arrested for trying to extort money from people. Here’s how he did it.
- He gained access to other people’s wireless networks. This is fairly easy to do, even if you turn on WEP encryption (read about securing a wireless network here). By using other people’s networks he was harder to locate
- He sent users threatening messages, made to look like they came from elsewhere
- He then demanded money to be dropped off at a specific location
- And he repeated this a total of 12 times
The police were able to find him and arrest him. It’s important to secure your wireless networks so that other people don’t use it to commit crimes.
Full article here.
MDB Files are vulnerable
At the moment there’s a vulnerability in Microsoft’s Access program. This means it’s possible to create an Access file that contains malicious code (e.g. a virus, trojan, spyware, etc). More details here.
In plain English it means if you receive a file whose name ends with .MDB treat it as highly suspicious.
Statistics Update
A quick update about online crime.
In Italy, 26 people were recently arrested for taking part in running phishing sites (web sites that look like bank sites (for example) but are designed to capture your account number and password). Two of these people have already been sentenced (5.5 - 6 years prison). It’s important to realise how common this problem is in the world.
And a short while ago I wrote about some important disks that were lost by the British government, containing personal data on 25 million people. That incident received a lot of press coverage and it’s not an isolated case. This stuff happens frequently, like in Northern Ireland. Two CDs were lost this week by one of their government agencies containing personal data on 6000 residents. These disks were not encrypted, as in the previous case. Full article here.
Then in California a laptop was stolen containing personal information on 45,000 patients of Sutter Lakeside Hospital. Again the data was not encrypted, making it all too easy for anyone to use this personal information as they see fit. I recently wrote an article on protecting laptops when used to take home work. Full press article here.
Some lessons to be learnt are:
- There are a very large number of online criminals doing everything they can to try and steal your money
- Disks and notebooks (laptops) are lost or stolen all the time. If they contain sensitive information they should be encrypted
- Keep in mind that your personal details are not all that private anymore
Blackmail attempt
A programmer on another forum came across an interesting problem. A random stranger approached him basically asking for money not to expose his source code. This kind of action is illegal in some countries, I’m posting the details here to point out that these requests happen.
This email is a little vague in asking for money.
Dear Sir,
My name is Ramzi gattoussi, I’m a 28 years old man. I was graduated from a high school (My degree was a high technician in administration and communication). Due to joblessness and the fact of losing the possibility to continue my education, I forced myself to gain a high level in computer technology. Now, I have an experience of 5 years in this sector. So, I tried many solutions and programs (Due to the absence of copyrights limits in our county, we have the chance to use any kind of software without any limit).
In conclusion, I have a good level in programming (Php, Flash and Actionscript, Delphi, Vb, Sql, Vb.Net and C#). I’m a developer but in a country where the copyrights have no effect. Therefore, I’m asking you to help me by any kind of job in your company and some money to live honourably. And as a result of your help, I will have no need to build a website for commercialising working codes of some good applications like your one (Someone asked me to use the ability of decompiling and reconstruction of application’s codes to get money). Excuse me for sincerity but this is the result of being without a job and having a working brain. In order to convince you, I have joined a zipped file to this email containing a working code. Excuse me another time.
Faithfully, Gattoussi Ramzi
In these situations it’s best not to respond to the original email, never give any personal details and never hand over any money. And if possible you can report it to an online crimes agency such as the one mentioned here, http://www.cybercrime.gov/reporting.htm
Russian Chat Bot
It’s amazing how many new tactics these people come up with in order to steal your personal information. There’s a new “bot” that chats with users on Russian online chat rooms (a bot is a program that mimics a real person online). It’s called CyberLover and apparently it’s quite clever in impersonating a human and gets people talking to it.
During a test it was found that the CyberLover chat bot got 10 real people to have conversations with it, in only 30 minutes. During this conversation it tricked people into providing their real names, contact information and photos. This is all private data, provided to the chatbot.
The darker side of this clever piece of software is that the bot is run by hackers intent on committing identity theft. Personal information like this is regularly sold on an online black market, and then used to commit fraud, such as opening credit card accounts in your name. Serious crimes indeed.
CyberLover is an interesting piece because it has different levels of its personality, and they’re mostly of a sexual nature. This type of conversation seems to get people’s attention more easily making it easier to manipulate them into providing personal information (called Social Engineering).
At the moment this is all in Russian however it won’t be long until it appears in other languages including English.
Skype Encryption
Skype is a popular communication tool allowing people to have voice and video conversations over the internet. And one of its features is how it transports that communications data. Skype first encrypts your data then distributes it using a network of other Skype users (using what’s called a peer to peer model).
The encryption is intended to stop random strangers eavesdropping on your conversations. And it seems to be fairly effective from what this article says - the German Federal Police Office have a problem wiretapping Skype calls.
Is this a good thing or a bad thing? Well, it’s a little of both. It gives Skype users a level of security that makes the general public comfortable enough to use it, and stops casual eavesdropping. That’s the good news.
The bad news is that VoIP traffic (phone calls over internet) can be intercepted in other ways. When it becomes too hard to break the encryption, as the German police found, an easier path is to install a trojan on the PC and intercept the voice data before it becomes encrypted. This stuff really happens.
The German federal police office is looking into developing trojans so they can install one on people’s computers they need to listen in on (article here). This is a legal form of spyware (at least in the country it’s used in). Other governments have been using this technique for years and legally it’s not much different to wiretapping a phone. What makes it scary is that antivirus companies have an understanding with law enforcement agencies and some government spyware may go undetected.
This isn’t a problem to most people. And at the end of the day it’s no different to using a house or mobile (cellular) phone.
The message in this article is that you should place the same level of trust in any VoIP phone (such as Skype) as you would with any other phone. It doesn’t offer any additional level of privacy. Law enforcement agencies have been finding ways to listen in, and fairly soon we’ll have spyware that can do the same thing only with less legal intentions.
Gameige.com has been compromised
Some pages on the website gameige.com have been compromised, using iframes to cause people’s browsers to download malware and steal information from the computer. This is a risk if your web browser loads ActiveX controls (such as Internet Explorer). Gameige.com is used by players of online games such as World of Warcraft.
The use of a good antivirus program that filters websites would help here. And hopefully by the time you read this the people supporting the site would have fixed it.
Taking A Work Notebook Home
A common scenario is when someone takes home a notebook from work. The intention is to do work from home for whatever reason.
This could be a serious security risk. Most companies have gone to a lot of trouble to secure their office networks (for example by installing and managing firewalls; though a firewall is not enough to secure a network). In fact some companies have an entire department dedicated to maintaining network security. However most homes don’t have managed firewalls or any of the other network security systems or resources that companies often use. This effectively makes a home network less secure.
The risk is having an outsider gain access to the contents of the notebook. This could be achieved in a number of ways including having a trojan on another PC in the house. The possible damage to businesses can be huge, depending on the importance of the data on the notebook, or the importance of the work being done from home.
Some misconceptions need to be explained:
- All firewalls are the same - this is not true. There are different types of firewalls making some more secure than others. They also need to be patched when the vendor discovers a vulnerability. Some home routers even claim to have firewalls when they don’t (they claim that a NAT feature is effectively a firewall - it isn’t). SPI firewalls are good (Stateful Packet Inspection)
- No one would be interested in hacking into your home network. The internet doesn’t discriminate, every device connected to the internet is at as much risk as every other device
It’s not all bad news though. There are things you can do to protect yourself and your employer.
- The laptop should have an antivirus program installed. It needs to be up to date.
- The laptop would ideally have a “personal firewall” installed. Windows Firewall is not good enough. You need something that not only stops other programs getting into the notebook, it needs to stop unknown programs already on the notebook from getting out to the internet.
- The home router should have its own firewall, or you could use a dedicated firewall device. Ideally the firewall would filter out traffic coming from or going to known sources of malware but this isn’t going to happen at home, it requires a fair bit of maintenance (i.e. it’s expensive)
- Encrypt the hard drive in the notebook. This can protect you if you lose the notebook or it gets stolen (and statistics show this happens often). Whole disk encryption costs money and slows down the notebook a bit but it’s very important.
- Don’t carry all your files on the notebook. Don’t keep all your emails, or your entire client list, etc. Only copy the data you need to get the job done and limit the risk.
- A VPN to your office network can help.
- Don’t connect your notebook to the internet. These days almost everyone needs the internet to do work so this idea might not be very practical
- Don’t use someone else’s wireless network. Not only is this illegal in many countries, you would be sending all your data through a stranger’s network. It’s technically possible for someone to intercept that data, even to manipulate it.
- If you use wireless at all make sure it uses a strong security protocol (WPA or WPA2)
A note about VPNs:
VPN stands for Virtual Private Network. It’s a piece of technology that can be used to join an office network to a home network. Servers and PCs on the networks would behave as if they were sitting in the same location, ignoring the fact there’s some distance in between, and ignoring the fact it’s really travelling across the Internet.
A VPN isn’t the be all and end all of security, it’s only a technical solution to a technical problem. You still need firewalls, virus scanners, and a little bit of tech support.
They can be set up to route all traffic to your office network and then you would trust your office network to filter the traffic for you. This is generally good. There are some caveats:
- Activities like internet browsing are slowed down
- Your office network may keep a log of what websites you view from home, when you’re connected to the VPN
- You’re trusting your office’s IT staff not to hack into your home network (it’s technically easier when you establish a VPN)
- It costs your employer money to set up and manage a VPN
- If you have an unreliable internet connection at home it’ll disrupt your work.
Above all find out what your company’s IT policies are and follow them as best you can. If they don’t have one then now’s a good time to suggest one. Working from home doesn’t have to be risky.
Malicious Christmas eCards
If you receive an eCard (email card) from someone you don’t know it might be from someone with malicious intent. Especially if it has the following:
- The subject is similar to: This is my one-off Xmase-card for you ^_^ Very nice
- The body of the email contains a link to: http://uklotttery.us/?id=ecard
- The body of the email contains the text: This is my one-off Xmase-card for you ^_^ Very nice
- And it has the words: no worm , no virus
If you find something similar to the above just delete it. It’s sent as spam and the link will try to install a virus.
No doubt there’ll be many attempts this festive season to play on people’s trust so as always be wary of things like this.
Wireless Keyboards are easily hacked
Wireless keyboards can be intercepted, very easily. This is something you should be aware of not only when purchasing new equipment but when using someone else’s computer. There’s no real defence against it either, other than using a wired keyboard.
Before I explain the risks let me point out which keyboards it does and doesn’t affect:
- All keyboards using a 27MHz transmitter are at risk (which includes most of them)
- Keyboards that advertise "wireless encryption" or "secure" features are also at risk
- Bluetooth keyboards are safer (though these are generally more expensive)
The risks of such an "attack" should be obvious - other people within range could be recording every keystroke. This includes the address of websites you go to, usernames, passwords, the contents of emails, chat conversations, etc.
In a business environment this would be a critical breach of security. Giving away passwords, trade secrets, and other sensitive information is quite serious, and in a lot of cases criminally irresponsible. Wireless keyboards that fall into the "at risk" categories above should be banned.
At home the risks are just as serious. Anyone using a home computer to do internet banking should immediately recognise the dangers of giving away too much information (i.e. finding a large amount of money removed from your bank account). Again, either use a wired keyboard at home, a Bluetooth wireless keyboard (expensive), or limit the keyboard & computer’s use to trivial tasks such as gaming.
How does the attack work?
Well, it seems there are only 256 possible encryption codes, so hackers have cleverly written software that tries them all within seconds. Then there are other tricks they use to break the encryption that some keyboards use (for the IT savvy reader, it’s an XOR protocol).
So it takes about 20 to 50 keystrokes before enough information can be gathered to break the encryption.
How close does one need to be to "sniff" wireless keyboard signals? Usually it’s 4-8 feet, or 1-3 metres. But with more powerful aerials this can be extended much further (hundreds of metres).
Also keep in mind that Bluetooth generally isn’t a very secure protocol. It’s only considered safer because of how easy it now is to hack normal wireless keyboards. But you shouldn’t use it to keep million dollar secrets.
There’s a video here demonstrating how it works (warning, it’s geeky and technical): Wireless keyboard hacking.
So go back to wired keyboards, they’re not only more reliable and more secure, they don’t have batteries that need replacing or recharging.
Chinese CyberSpying
British businesses are being warned about Chinese industrial espionage aimed at retrieving financially sensitive data. In particular, at least 1000 businesses have been warned that they’ve potentially been targeted to obtain data on their trading with Chinese companies, in an attempt for the Chinese parties to negotiate higher prices in their business dealings. There’s an article here with the full story.
This post is aimed at businesses, whether large or small. Online espionage, or cyber spying, is a real threat. It doesn’t necessarily need to come from China either, the technology and skills exist in just about every city and country that’s connected to the internet.
Everyone needs to secure both their networks and the computers on them. The old belief that a firewall is enough has always been false, even more so now that data threats can come from so many levels (see the SANS document that was mentioned here earlier). It’s everyone’s responsibility to do everything within their power to increase security. The threats are out there, large amounts of (your) money are at stake, and there’s always something you can do.
So now is a good time to review your network security and to improve it.
Top 20 Internet Security Risks
SANS is an organisation that does a lot of security research as well as other things, and they have a good reputation for their work. They’ve just published a report showing the top 20 internet security risks. They point out that social engineering is one of the biggest risks at the moment. Social engineering is the term used to describe how people effectively trick (or otherwise convince) others to provide sensitive details.
There’s a lot of detail in this report and it’s well worth reading. Below are a few bits of information from the report and it’s just not possible to summarise it all here. Have a read through it if you have time.
- Web applications are vulnerable to being hacked and information misused or stolen.
- People can be manipulated
- The following applications are the most vulnerable:
- Web Browsers
- Office Software
- Email Clients
- Media Players
- Unencrypted laptops are a risk to losing large amounts of data
- Instant messaging and peer-to-peer programs are a risk to businesses
The full report is here. It’s long and very detailed, and well worth your time in reading it.
Bluetooth Headsets
Most Bluetooth headsets are not secure. I encourage everyone to watch the video linked below to see how easy they are to hack.
In this demonstration by Joshua Wright he connects to a stranger’s Bluetooth headset and is able to eavesdrop on the random stranger. He also briefly shows how audio can also be sent to the headset. Anyone with a Bluetooth headset that’s currently on is at risk of something like this. The biggest part of the risk is that almost all Bluetooth headsets use a default PIN (usually 0000).
Watch the video here.
Suspicious Websites
With apologies to all those who conduct legitimate activities on the following sites I’d like to warn you on the current trend of malicious sites.
At the moment a lot of sites hosted on Geocities contain various bits of malware. So if you see a link anywhere (in an email, in a chat window, on another web page) that begins with geocities.com be very suspicious.
And secondly there’s been so much malware coming from Chinese web sites. So be cautious of any link that has .cn in the address.