
GlobalSign Blog

Phishing is not unknown territory for us. In one of our older blogs, we set out the ways hackers work. They trick users with phishing emails in a variety of ways, luring them into downloading malicious attachments or visiting malicious websites. In 2016 alone, the number of phishing attacks increased by a staggering 400%, and it looks like the trend will continue this year. That is why we would like to provide further information today, to help put an end to phishing and to educate you about phishing websites as a method of attack.

A malicious email is only part of the phishing process. The would-be attacker usually creates a fake website to trick users into entering login information or banking details, which the attacker can then freely use. Millions of users have fallen victim to phishing attempts over the years. The effectiveness of these attacks can be seen in a spectacular 2013 case: three hackers were arrested in the UK for attempting to steal more than £60 million from unsuspecting customers using more than 2,600 fake bank websites.

So that you do not fall victim to such attacks, we have summarized the most common scenarios in which people end up on phishing websites, as well as tips on how to recognize these sites so that you do not inadvertently give away your data.

How do phishing websites get to you?

Scenario 1: Opening a phishing email - Nick's email debacle

Let's start with a familiar scenario. Nick works hard for a buck. He has spent his whole life saving $1 million for his retirement. A few months before his well-deserved retirement, Nick receives an email from his "bank" asking him to update his account information. He logs on to the "website of his bank" and changes his details. The next day he finds that all of his savings are gone. In 2012 this actually happened to a woman from Great Britain.

Scenario 2: Clicking on suspicious banner ads - Maria's advertising dilemma

Advertising is often chosen as a route for phishing attacks. For example, Maria searched online for simple recipes. She entered “simple recipes for cakes” on Google and, without paying any further attention to the link, clicked on the Google ad that promised “simple recipes for cakes”. On the linked website, she was asked to provide her credit card details in exchange for recipes. Fortunately, Maria got suspicious and immediately left the website. She narrowly escaped the phishing attack via fake Google ads that made the rounds in 2014.

Scenario 3: Access via a fake login page - Sophia's government fiasco

Attackers will stop at nothing to get information. Take the case of Sophia, who wants to renew her passport. Sophia searches for the local passport office using a search engine and selects the first link that is displayed. She doesn't think anything of it, because the login page looks as expected. After entering her details, she is surprised that she does not receive an email confirmation from the passport office. The next day she notices that her accounts are being accessed. This was the case for Singapore residents last year who fell for a fake government login page.

Scenario 4: Sharing on social media - Robert's Twitter worries

Robert has a problem with his bank and is hoping for a quick response on Twitter. He turns to his bank's Twitter account with his problem. Within a few hours, an "employee of the bank" contacts him and gives him a link to the "support page of the bank". Fortunately, Robert didn't fall for the trick, because he knows that unverified accounts cannot be trusted. Robert has thus encountered one of the most common attempts at phishing attacks via social media, and luckily escaped it.

Tips to identify phishing websites

You have probably noticed that all of the above scenarios are based on actual phishing attacks. Nick, Maria, Sophia and Robert may be fictional characters, but the dangers described are real. Here are some helpful tips to avoid phishing from malicious websites. Let's break the solutions down into two categories.

Before you click

Always double-check the URL carefully before clicking. If you receive a link via email, social media, or any other means, please take the time to review the link before clicking it. You don't have to be an expert to spot suspicious links. Pay attention to the most common features. Fake links usually attempt to imitate the existing website, often by adding unnecessary additional words or domains.

Before you click hyperlinks, hover your mouse pointer over them. In the example below, which we also discussed on our previous blog, you can see that the “Click Here” hyperlink leads to “http://globalsign.uk.virus-control.com/b4df29/?login_id=1817 ...”. There are a few features that should make you suspicious: 1) globalsign.uk is not a legitimate GlobalSign domain, 2) the domain is followed by the addition “virus-control”, and 3) the URL ends in a long string of characters.

Identify the source of the link. Do you know the person who sent you the link? If you have the slightest doubt, don't click. In the previous example, Robert noticed the fake representative before he clicked the link. Attackers like to create fake accounts, from completely absurd (e.g. a general "trustworthy banking authority") to very credible ones (e.g. Peter Maier at Deutsche Telekom). So pay attention to the profiles of people you communicate with and see if they actually exist.
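The check described above can also be automated. The following Python sketch is an added example, not code from the original post; the `TRUSTED` list, the function names and the second test link are assumptions made for illustration. It shows that the owner of a link is decided by the right-most labels of the host name, however familiar the left-most ones look.

```python
from urllib.parse import urlsplit

# Assumption for this example: the domains the brand really operates.
TRUSTED = {"globalsign": {"globalsign.com"}}


def host_under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def check_link(url, brand):
    """Report whether a link's host belongs to the brand, and if not, why."""
    host = (urlsplit(url).hostname or "").lower()
    trusted = any(host_under(host, d) for d in TRUSTED[brand])
    reasons = []
    if not trusted:
        labels = host.split(".")
        # Ownership is decided by the right-most labels, not the left-most.
        # Naive guess at the registered domain; real code needs the
        # Public Suffix List to handle suffixes such as co.uk.
        reasons.append("host is registered under " + ".".join(labels[-2:]))
        if brand in labels[:-2]:
            reasons.append("brand name used only as a subdomain label")
        elif brand in url.lower():
            reasons.append("brand name appears elsewhere in the URL")
    return {"host": host, "trusted": trusted, "reasons": reasons}


# The visible part of the link from the paragraph above (the page truncates it).
SAMPLE = "http://globalsign.uk.virus-control.com/b4df29/?login_id=1817"

if __name__ == "__main__":
    for link in (SAMPLE, "https://www.globalsign.com/"):
        print(link, check_link(link, "globalsign"))
```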

After you click

Check the URL BEFORE entering any information. Suppose you accidentally clicked a phishing link. It's not too late yet! As mentioned above, check the website URL and look for the typical features. Links from fake websites often contain a lot of meaningless characters or additional text in the address bar.

Check out the example below from the Gmail scam that made the rounds earlier this year. Although it has the text "accounts.google.com" and therefore appears legitimate, the extra text should set off alarm bells that it is a phishing or malicious site.

 

(Source: PCMag)

Look for a Trust Seal. Most real sites use Trust Seals from a third party to show how secure their site is (e.g. by showing a trust level, sales pages, or whether the site is encrypted with SSL / TLS). Pages that collect login details or payment information should display a trustmark or secure site seal to reassure users that the website is legitimate. Look for these trust marks and also check if the provider is a well-known online security provider. The seals are mostly interactive, so it can be helpful to click on the seal to find out more information about the site.

Check the address bar for company information. SSL / TLS certificates play an important role in internet security. They encrypt sessions and protect information sent between browsers and web servers.

Extended Validation (EV) SSL, the highest SSL level, adds another important element: the verified identity of the provider is clearly displayed in the browser's address bar, usually together with the distinctive green address bar.

 

So you can see immediately whether the site is actually managed by the given company, or whether it is a phishing or copycat site. The majority of market leaders, those who are most likely victims of phishing, use EV SSL. So it is easy to check and verify the page based on the company name in the URL. With the number and professionalism of phishing attacks increasing, it is more and more important to us that even more companies use EV to protect their pages from imitators.

Check the website address for homographs. Some popular browsers do not distinguish characters from other scripts, such as the Cyrillic alphabet, from Latin ones. A hacker can register a domain like xn--pple-43d.com, which such a browser displays as apple.com, and then purchase an SSL certificate for it. This is also known as script spoofing. There are almost 11 glyphs in the Cyrillic alphabet that look exactly like Latin characters. Other alphabets that have glyphs similar to Latin characters are Greek, Armenian, Hebrew, and Chinese. With a few combinations, spoof domains can be created and secured so that it is almost impossible to tell the real from the fake domain.

But only almost! There is a way to spot this type of attack. If you think the link is suspicious, copy it to another window ...

Very easily. The real domain is immediately shown and you know the website cannot be trusted.

You can also identify homographs by clicking through to the certificate details to see which domain the certificate was issued for. In the example above, the certificate would be issued for ‘https://www.xn--80ak6aa92e.com/’ and not for ‘apple.com’.
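To make the homograph check concrete, here is an added Python example (not part of the original post) that decodes the two `xn--` domains mentioned above and reports which scripts each label uses. The `LOOKALIKES` table is a small hand-built assumption covering a few Cyrillic letters; production tooling should use the full Unicode confusables data (UTS #39).

```python
import unicodedata

# Partial, hand-built map (an assumption for this example) from Cyrillic
# letters to the Latin letters they resemble.
LOOKALIKES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u0458": "j", "\u0455": "s", "\u04cf": "l", "\u04bb": "h",
}


def decode_label(label):
    """Return the Unicode form of one DNS label (decoded if it starts with xn--)."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].lower().encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed Punycode: keep the raw label
    return label


def scripts(text):
    """Set of script names (first word of the Unicode name) used by the letters."""
    return {unicodedata.name(ch).split()[0] for ch in text if ch.isalpha()}


def inspect_host(host):
    """List every label of host that contains non-Latin letters."""
    findings = []
    for label in host.rstrip(".").split("."):
        shown = decode_label(label)
        found = scripts(shown)
        if found <= {"LATIN"}:
            continue  # plain Latin label, nothing to report
        skeleton = "".join(LOOKALIKES.get(ch, ch) for ch in shown)
        findings.append({
            "label": label,
            "decoded": shown,
            "scripts": sorted(found),
            "mixed_script": len(found) > 1,
            # Latin string the label imitates, if the table covers every letter.
            "reads_as": skeleton if skeleton.isascii() else None,
        })
    return findings


if __name__ == "__main__":
    for host in ("www.xn--pple-43d.com", "www.xn--80ak6aa92e.com"):
        print(host, inspect_host(host))
```

A label that mixes scripts, or a single-script label whose `reads_as` value matches a well-known brand, is worth reviewing by hand; legitimate internationalized domains will also show up in this list.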

Phishing attacks may increase in the years to come, but as long as you are prepared to spot them, there will be fewer and fewer victims of the cheap methods of theft. It is best to defend yourself against hackers with knowledge of their tricks. We hope to have helped you with our post.

If you want to learn more about SSL / TLS certificates and to support online security, please visit our website or contact us directly.