Website “Spoofing”

Identifying “Spoofed” Websites

Website spoofing is the creation of a replica of a trusted site with the intention of misleading visitors to a phishing site. Legitimate logos, fonts, colors and functionality are used to make the spoofed site look realistic, in some cases together with a URL that closely resembles the real site’s address.

It starts when you click a link on a web page or in an email you have received. The email looks like it is from your bank or another trusted organization: it has their familiar logo and all their usual wording. The link takes you to a page with the usual account login fields asking you to enter your username and password.

The URL in the address bar is the usual URL for your online banking, so you’re pretty comfortable. You type in your username and password, but for some reason it doesn’t take. You try again, you’re logged in in the usual fashion and you see all your account details. Everything is as it should be.

Or is it?

  • Are you certain that the site you are looking at is what it appears to be?
  • Is it coming from the company it claims to?

Unfortunately, it is very possible that you have just become the victim of a crime involving a “spoofed” website address, and the contents of all your bank accounts are now at risk. How does it work, and what can you do to protect yourself? Let’s take a look.

The criminal starts by obtaining a legitimate email from the bank in question. This could have come from an actual account they or one of their associates opened, or it may have come from the email program on a lost or stolen notebook or home computer. They also copy the login page from the bank. Using phony ID, they set up a site with a hosting company somewhere and put up the copy of the login page, but with some code written into it to capture the entered username and password and then transfer the visitor to the legitimate login page.

Next, they send out the emails with some pretext that requires you to login and check something on your account.  The emails have spoofed sender and return addresses so that they look like they came from the bank.  The link in the email uses another spoofing technique to display the legitimate website address in the address bar and status bar of your browser while actually displaying the fake page.  You click it, it takes you to the fake page, but everything looks normal to you.  You type in your username and password; the fake page captures your identification and sends you over to the legitimate login page.  Depending on the way the bank’s site (or auction, or web payment or any other financially useful page) is constructed, it might also be possible for the fake page to pass your identification over to it so that it logs you right in without you having to type it a second time.

The Crime That Is In Progress

Using the Internet for bill payments and online banking is such a convenience. It’s also pretty safe if you can recognize these spoofs and avoid them. So how can you tell if the site you’ve landed on is the site you think it should be? First, any site dealing with financial matters, whether banking, buying, selling, transferring money or using credit or debit cards in any way at all, should be secured with SSL/TLS (Secure Sockets Layer/Transport Layer Security). If the site doesn’t use SSL/TLS (commonly just called SSL), don’t use the site. SSL encrypts the data sent back and forth between your browser and the server hosting the site, and it can also be used to verify the identity of the server.

When SSL/TLS is in use, a padlock is shown in the status bar (in Firefox, the padlock is always there, but is open on unsecured sites and closed on secure sites; other browsers may use different symbols). If you don’t see the status bar, enable it: in Internet Explorer click “View/Status Bar”, in Firefox click “View/Show-Hide/Status Bar”. Double-click the padlock icon and the certificate details are shown. The “Issued To” name should be the name of the site. If it is not, you may well be looking at a spoofed site, and you shouldn’t provide any of your information.
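The “Issued To” check above, done in code rather than by eye. This is an added example, not from the original article: it applies the same name-matching rule a browser uses (exact match, or a single leftmost wildcard label) to a certificate in the dictionary layout Python’s `ssl` module returns, with two constructed sample certificates and hostnames (`examplebank.com` and the lookalike) that are assumptions for illustration.

```python
# Added example: does a server certificate's "Issued To" name match the site
# you typed? Works on the dict layout returned by ssl.SSLSocket.getpeercert().
import socket
import ssl

def cert_names(cert: dict) -> list[str]:
    """DNS names the certificate was issued to: subjectAltName first, CN as fallback."""
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:  # CN only counts when the certificate has no SAN entries
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "commonName":
                    names.append(value)
    return [n.lower() for n in names]

def name_matches(pattern: str, hostname: str) -> bool:
    """Exact match, or '*' standing for exactly one leftmost label (RFC 6125 style)."""
    pattern, hostname = pattern.lower(), hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # '*.com' is never acceptable, and the wildcard may only be the whole first label
    if len(p_labels) < 3 or p_labels[0] != "*" or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]

def issued_to_site(cert: dict, hostname: str) -> bool:
    """True if any name the certificate was issued to covers hostname."""
    return any(name_matches(n, hostname) for n in cert_names(cert))

def check_live_site(hostname: str, port: int = 443) -> bool:
    """Connect with full certificate verification and apply the same name check."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname itself
    with socket.create_connection((hostname, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            return issued_to_site(tls.getpeercert(), hostname)

# Constructed sample (getpeercert() layout): a certificate issued to the bank.
BANK_CERT = {
    "subject": ((("commonName", "www.examplebank.com"),),),
    "subjectAltName": (("DNS", "www.examplebank.com"), ("DNS", "examplebank.com")),
}
# Constructed sample: a lookalike site presenting its own, validly issued certificate.
LOOKALIKE_CERT = {
    "subject": ((("commonName", "examplebank-secure-login.example"),),),
    "subjectAltName": (("DNS", "*.examplebank-secure-login.example"),),
}
```

The lookalike certificate is perfectly valid for its own domain; it simply is not issued to the bank’s name, which is exactly what the “Issued To” field tells you.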

If the site is not an SSL secured site, perhaps because it doesn’t actually use financial information but collects or uses some other personal information, you should consider carefully whether or not you want to provide any of the requested information.  These sites can also be spoofed.

Prevention

So much better than cure! The best way to prevent yourself from becoming a victim of a spoofed site is never to use a hyperlink to get to a financial page unless you are CERTAIN that it is a legitimate link. That means never using a link in any email to take you to a financial page. Instead, type the address into the address bar yourself. This is a minor inconvenience compared to having your bank accounts emptied. Tip: KeePass can store the address so that you copy and paste it rather than typing it.
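A small checker for the rule just stated, added here as an example and not part of the original article: it takes links from an email and keeps only those that really lead to your bank’s own domain over HTTPS, rejecting the common lookalike tricks (a `user@` prefix, the bank’s name as a subdomain of someone else’s site, punycode or non-ASCII hosts). The domain `examplebank.com` and the sample email are constructed assumptions.

```python
# Added example: flag e-mail links that do not really lead to the bank's domain.
import re
from urllib.parse import urlsplit

# Constructed sample value: the one domain the reader actually banks with.
TRUSTED_DOMAIN = "examplebank.com"

def link_is_trusted(url: str, trusted_domain: str = TRUSTED_DOMAIN) -> bool:
    """True only if the link is HTTPS and its host is trusted_domain or a subdomain of it."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops 'user@', ':port' and IPv6 brackets, lower-cases
    except ValueError:         # malformed netloc: treat as untrusted
        return False
    if parts.scheme.lower() != "https" or not host:
        return False
    host = host.rstrip(".")
    # A bank's real address is plain ASCII; non-ASCII or punycode (xn--) hosts
    # are lookalike candidates, so refuse them outright.
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        return False
    # 'examplebank.com.evil.example' ends in 'evil.example', not '.examplebank.com'.
    return host == trusted_domain or host.endswith("." + trusted_domain)

LINK_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def suspicious_links(text: str, trusted_domain: str = TRUSTED_DOMAIN) -> list[str]:
    """Every link in text that link_is_trusted() rejects, in order of appearance."""
    return [u for u in LINK_RE.findall(text) if not link_is_trusted(u, trusted_domain)]

# Constructed sample e-mail body: one genuine link followed by four spoofs.
SAMPLE_EMAIL = """Dear customer, please verify your account:
https://www.examplebank.com/login
https://examplebank.com@login-verify.example/
https://examplebank.com.secure-update.example/login
http://examplebank.com/login
https://xn--examplebnk-x4a.com/login
"""

if __name__ == "__main__":
    for url in suspicious_links(SAMPLE_EMAIL):
        print("DO NOT CLICK:", url)
```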

If you started by typing in a known address to a site and you are now following links through the site to its secured financial pages, you can be pretty sure they are legitimate links.  If you’ve been taken off to another site somehow, and are now being returned to the financial pages, I’d be more cautious if I were you — time to check that SSL certificate!

How to check that SSL certificate!

If you typed in the address of a site to visit it and then saved it in your “favorites” list (bookmarks), you can trust it (unless you believe somebody with malicious intent might have had access to your favorites list!). The best way, however, is to memorize the address and type it in yourself, or use KeePass.

One more thing: I know it’s convenient to use the same password for all the secured sites you use, but it’s just not a good idea. Think up a way to create a password that varies from site to site, perhaps using something about the site as a part of the password. When creating passwords, think first about how easy it would be for someone else to figure it out. Your child’s name, your dog’s name, your address and phone numbers, birthdays, etc. are all very bad ideas. Devise something else that’s personal enough to remember, but not easy to guess. Complicated is good! Mixtures of numbers, letters and special characters are good! Words are bad! And for God’s sake don’t use “password”; see this article concerning unsafe passwords: List of top 25 worst passwords used in 2019.

And lastly, don’t write passwords down; remember them. (DON’T EVER WRITE THEM DOWN!) Or use a password manager; the one I recommend and use is described below.

KeePass Password Safe.

What is KeePass?
Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website’s FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem… A serious problem. The thief would have access to your e-mail account, website, etc. Unimaginable.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see the features page.

Is it really free?
Yes, KeePass is really free, and more than that: it is open source (OSI certified). You can have a look at its full source and check whether the encryption algorithms are implemented correctly.

Notes: The database can be copied from one device to another, meaning you could copy it from an Android or iOS device to a computer and back to Android, etc. Changes made on any device can be carried across so that you keep one current database for use on every device. KeePass is cross-platform.

  • When you copy and paste a username or password from KeePass into a data entry field, that data is held in memory only for a certain (adjustable) period and is then cleared. Because nothing is typed, keystroke logging and monitoring are bypassed if your device is compromised.
  • Supported operating systems: Windows Vista / 7 / 8 / 10 (each 32-bit and 64-bit), Mono (Linux, Mac OS X, BSD, …).

If you need assistance, Contact Me to learn how to upgrade your security-conscious habits.