Search the Community

Showing results for tags 'scams'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General
    • News and Announcements
    • SUPERAntiSpyware Blogs
  • SUPERAntiSpyware Free Edition and SUPERAntiSpyware Professional
    • Frequently Asked Questions
    • General Questions
    • SUPERAntiSpyware Centrally Managed Solution
    • Marketing and Promotion
    • Suggestions
    • False Positives
  • Malware Removal
    • Malware Removal Discussion
    • Malware Diagnosis and Help
  • SUPERAdBlocker
  • SUPERAntiSpyware Pre-Release
  • Other
    • Off Topic

Found 2 results

  1. Typosquatting is a type of internet scam that relies on end users making mistakes, such as spelling errors or entering the wrong domain name when entering a websites URL. It is also commonly known as URL Hijacking. There are many motivations for a hijacker to take the Typosquatting approach to deceiving unsuspecting victims: 1) To redirect web traffic to their own or a competitor’s product. 2) Installing malware to infect the user’s machine, typically with ad-hosting pieces of malware. 3) Freeze the web browser for a fake Tech Support scam, scaring the user into calling a fake tech support number claiming the user has a virus infection. These scams potentially cost the users hundreds of dollars. 4) To steal user information by running a phishing scheme to mimic legitimate website. 5) Making revenue from the user clicking on advertisements (either in plain site or disguised as legitimate search links) on the Typosquat website. 6) To blackmail or strong-arm payment from the company they're Typosquatting in order to force a purchase of the website from the Typosquatter. A scammer who runs a Typosquat scam typically registers a website address with spelling close to the legitimate websites address. This is typically something simple like omitting a letter, adding a letter, or using a different Top Level Domain. For example if a user wants to go to our website, they may end up typing superaantispyware[dot]com with double a’s. This will end up showing a user a Typosquatting website such as this: Another type of Typosquat scam would be due to the person improperly typing out the full URL, typing something like google [dot] om , rather than typing google [dot] com. In this instance, the person typing the .om domain would actually be viewing a page hosted on Oman's Top Level Domain, rather than the basic .com domain. In some instances, large corporations will buy up as many associated domains as they can in order to prevent this type of mistake (Google, for example, has variants of their site containing multiple o's and different Top Level Domains); however, not all companies have the foresight and/or money to do this. It is easy to avoid falling prey to a Typosquatting scam. Here are a few easy things you can do to prevent this. 1) Never open links in emails from unexpected senders, and exercise caution when visiting sites you're not familiar with. 2) Bookmark your favorite websites so you can easily access them. 3) Use a search engine like Google, Bing, or Yahoo when looking for a specific website if you are unsure about the spelling or if the business' website is the same as their name. Some car dealerships, for example, use dealer names or slogans as their website. 4) Double check the URL you are typing before loading the page 5) Make sure Real-Time Protection is turned on in SUPERAntiSpyware Professional 6) If you are starting a web-based business, consider buying multiple domains that are similar to your primary site to preemptively stop Typosquatters. Most domain registrars will offer bulk rates when you purchase more than one domain at a time. While this type of attack is somewhat uncommon by today's standards, it still happens every once in a while. By practicing safe browsing habits, keeping your web browsers up-to-date, and running regular scans of your machine, you should not be impacted by most of these types of attacks.
  2. Some of the earliest computer viruses and malware were created using macros in Microsoft Office documents. These pieces of malicious code would run once the document was opened, and the infection would happen without the user even being aware that their machine had been compromised. While these types of attacks had fallen out of favor over the years, they've come back in style and are more popular than ever before. What exactly is a macro? While you've probably heard the term thrown around before, most people don't actually know what they are, or what they're capable of. In short, macros are little snippets of code that run through your office software. Many people use macros to speed up a repetitive processes, like formatting items. Unfortunately, the same type of code that is used to perform the mundane can also be used to perform the malicious. Due to the ease of abuse, Microsoft removed the automatic enabling of macros many years ago. This is ultimately what lead to the majority of these types of attacks going by the wayside. Because there was no longer a way to abuse this on most machines, would-be attackers changed their methods to more traditional programs, which are far easier to detect with a normal malware scanner. With the recent surge in ransomware, new methods of delivery were needed by would-be attackers. The anti-malware engines had been able to detect many variants, and it was only getting easier. This meant that stealth was needed. What better way to do that than to bring back a tried-and-true method in Office Macros. Few people expected it due to the fact that these infection types hadn't really been seen in years. The basic attack is carried out like this: 1) An infected person sends you an email with the subject similar to "ATTN: Invoice Attached" that has a Word document attached. 2) The person downloads and opens the file, only to see a garbled mess of characters with a notice that says "Enable macro if the data encoding is incorrect" in big bold red letters at the top of the window 3) The unknowing victim enables macros, thereby initiating the malicious code 4) The code runs, sending out an email to your Outlook contacts (attempting to infect them), downloads whatever payload(s) it wants, then runs the ransomware (locking your files) Because of the sharp increase in these types of attacks, Microsoft, SUPERAntiSpyware, and many other security vendors recommend that all users disable macros if they do not need to use them. While Macros should be disabled by default, it is worth double-checking your preferences in order to ensure that you are protected as best as possible. For more information on how to disable macros in Office files, please visit this Microsoft Support article. NOTE: This is a recommendation specifically for home users, if you are in a work environment please contact your IT department first before making any changes!