Tag Archives: Adware

Avira

Alton Towers Facebook Scam

Leave a comment

Following an accident at Alton Towers – a theme and water park in the United Kingdom, a Facebook scam has emerged that purports to show video footage of the accident. Beware: this is a scam, which we shall now dissect for you.

Step 1: The hook

Alton Towers - step 1 the hook

This teaser Facebook post is supposedly taken from the accident (it is not). If you click on it with the (macabre) hope of seeing a video of the crash, you will be taken to a website that has been designed to look just like YouTube.

Step 2: The fake look-alike

Alton Towers fake youtube

Once on that page, you will be asked to post a link to the video on your Facebook timeline…

Step 3: The redirect

Once you accept to post the video to Facebook, you will be redirected to another website, where you will be told that to finally see that video, you need to download a video player update…

Alton Towers - step 3 the redirect

The downloaded file contains adware, that display advertisements and collects information about your browsing habits. The crooks almost certainly make money by getting a percentage of all sales on these third party ads you will be seeing in your browser.

If you see this Alton Towers scam on Facebook, avoid it. If you click on a post that tells you to download a plugin or update to watch the video, exit the page immediately. And for additional security, use Avira Free Antivirus, which blocks adware.

The post Alton Towers Facebook Scam appeared first on Avira Blog.

Avira

Typosquatting tries to make a victim of everyone

Leave a comment

Reality sets the stage

The reality is that ‘legitimate’ sites – such as those provided by hotels, airlines, schools, or any other ‘official’ organization – can be and very often are infected by various types of malicious software (AKA malware). The malware, once installed, enables cybercriminals to capture private information parked on or passing through the computer of the unsuspecting website visitor.

In addition to our own Avira Protection Lab findings, even Google reports that the vast majority of websites infected by malware are legitimate sites that have been hacked – often without the organization behind the site even being aware of it. This is why IT security firms like Avira frequently contact companies to let them know that their official websites have been compromised.

Legitimacy distorted

With legitimate sites a larger potential target, and people going to them doing so with false confidence in their level of safety, smart cybercriminals know that there is deception potential, even if an organization takes all necessary security measures to ensure that its website is secure. Sometimes the most-effective attacks are against the simplest of human errors – in this case, the typo, and thus mistyped URLs serve hackers as a simple enough distortion of a legitimate site.

This method taking advantage of misspelled URLs is known as ‘typosquatting’. Also called ‘fake URL’, ‘URL hijacking’, and ‘brandjacking’, the approach relies on the human tendency to make an error when typing a web address into a browser’s address bar, taking advantage of the most likely spelling variants (e.g. phonetic) and errors (e.g. letter transposition) to set a trap for the unsuspecting typist.

What it looks like

A hacker using the typosquatting technique with www.example.com would use variants such as www.example.org, www.exampel.com, www.ecsample.com, and so on. Once the person arrives on one of the incorrect sites, he/she has landed on an infected webpage (or gets redirected to one of several or many owned by a ‘cybersquatter’).

In some cases, the fake site will also look just like the original site – same messaging, same graphics, same logo. In a best-case scenario, the infected page contains only advertisements, but some of these can act as malware by opening one after another even if you try to exit the page – a technique known as ‘mousetrapping’.

The hacker’s motive

Almost without exception, the motive is profit. In the case of ad-infected pages, hackers earn money by redirecting traffic to the ads, plus more when those ads are clicked (which is bound to happen, based on sheer numbers driven to them). In the case of malware-infected pages, hackers earn money by stealing private data that enables them access to bank accounts.

Your solution

Avira security software blocks malware and adware from installing on the potential victim’s PC, therefore preventing the theft of the Avira customer’s private data. While Avira Free Antivirus provides baseline protection (a level that everyone, without exception, should have as a bare minimum), Avira premium versions offer additional security layers and maintenance utilities to also keep your PC running like new.

The post Typosquatting tries to make a victim of everyone appeared first on Avira Blog.

Avast

Fake free codes scam affects PSN and Steam users

Leave a comment

Some webpages are giving away free codes for Playstation Network and Steam but, are they reliable?

At Avast we discovered a lot of webpages offering free codes, with a value from $20 to $50, for Playstation Network and Steam, two of the most important internet-based digital distribution platforms. Those webpages look very suspicious so we decided to analyze them.

We chose one of those webpages and followed all the steps required in order to get our “free code” for Playstation Network or Steam.

psnScam

After a first look at the main page, we found some suspicious items. To prove how trustworthy the transaction is, the webpage placed two security “certifications” in a visible location, but as we discovered, no security companies are associated with those certifications. They are completely fake!

Also, there’s a label with user ratings (4 ½ stars!), but we cannot rate the webpage; it’s just an image. Both fake images make the users think that they are in a safe and reliable website.

What happens when we click on a gift card? Are we going to receive the code?

The answer is no.

Let’s see what’s next:

PSNscam1

When we click on a gift card¸ instead of receiving the promised free code, we are asked to share a link with our friends in order to unlock the code.

Why do they do that?

When we share the link we are contributing to an increase in the number of visitors and, of course, the number of people that will try to redeem the “free code.” Keep this in mind, it will be important at the end of this post.

Ok, we already invited 5 of our friends and, in theory, we unlocked the code. Is this the last step? Are we going to receive the code now?

PSNscam3

Again, the answer is no.

Looks like they don’t want to give us the code. Suspicious, right? So, what do they want now?

As we can see in the image, in order to receive our PSN code, we need to complete a short survey (like inviting 5 friends wasn’t already enough?!).

When we click on one of the surveys, a little pop-up with a message appears on the top of the screen. The message says: “You must use your VALID information while filling this offer out”.

Why do they need our VALID information?

Here’s the reason:

PSNscam4

 

In order to receive the code, we need to introduce our phone number – our VALID phone number. But wait, before doing that, let’s read the text at the bottom of the page.

PSNscam5

Surprise! It’s a premium SMS service with a total amount of 36,25€/month (>$40/month)! If we enter our phone number, we will be automatically subscribed to this premium service.

Remember the 5 friends you sent the link to? Well, now imagine how many people can fall into this scam just by sharing a link to 5 friends: 5+(5*5)+(5*5*5)+… creepy, right?

And of course, there’s no free code for your PSN or Steam accounts.

Unfortunately, there’s a lot of webpages using the same method to get user’s money. Also, there are other webpages offering software to generate codes. Cybercrooks create those
fake apps and get money from “download servers” because they bring
them users.

Tonda Hýža, from the AVAST Virus Lab, described those webpages as Adware due to the big amount of lies, advertisements and weird privacy policies.

Make sure you share this alert with your gamer friends J

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.