Tag Archives: replica websites

Online Holiday Shopping 2016 – Fake Apps & Online Stores

id-10079637

Courtesy Stuart Miles

Holiday shopping for the best deal is a chore. Like most smart shoppers you use whatever tools you can find to get that great deal. But avoiding holiday scams is a real job and you have to be alert. Fake shopping apps and online stores are making your job a lot more difficult.

The holidays offer cyber criminal a great opportunity to fool customers into downloading malware . Once this malware is on board your computer, laptop or smartphone it can easily steal your personal and banking information. Criminals can and do create perfect replicas of popular brands and websites that draw unsuspecting customers to their site or mobile app.

A recent FBI press release warns consumers about fake app scams. These scams are often disguised as games. But don’t be fooled by fake apps that mimic well-known brands like Nordstrom’s and Nordstrom’s Rack, Dollar Tree, Dillard’s  and other popular stores and websites. Smartphone users can be fooled into downloading the app and then connecting it to their Facebook account or email. Like most things connected to Facebook the victim willingly  gives away personal information. These apps can also infect your phone or tablet with malware.

Just because you downloaded an app from the Apple App store or Google Play do not assume that you are safe. Recently Apple found and removed hundreds of fake shopping apps from its app store.

Chris Mason, co-founder of Branding Brand warns consumers to look for red flags before downloading shopping apps.  Warning sign of a fake app include typos and run-on sentences in app descriptions. Mason says to look beyond a brand’s logo when you download an app from Google Play or the Apple Store. Don’t download the first one you see. Check customer reviews for poor or one-star reviews or numerous user complaints about excessive advertising. All these could be a red flag that the app is fake.

There are also FBI warnings about fake deals from unfamiliar sites. The holidays are prime season for fake pop-up websites. And these sites are not so easy to spot. Cyber criminals are extremely clever at making these stores look legit. According to Inc.com these fake sites price most products competitively, but you can also find ridiculous deals designed to entice shoppers. Regular priced items mixed with the unbelievable deals make them look like a real store. But remember two things; “If it looks to good to be true it probably is,” and just because a store shows up in Google search doesn’t mean it’s legit.

 

Online Holiday Shopping 2015 – Is That Website Trustworthy?

Bad SantaAfrican-Americans all over the county are about to dive into the holiday  season to exercise close to a trillion dollars in buying power.  And you can bet a lot of that money will be spent online this season. So the question black people should be asking is; Is that website trustworthy?

Internet holiday shopping scams cost Americans more than $50 million in 2014. Much of the holiday scams involved phony sales from dubious websites. These websites offer hard to believe prices. The old rule still apples; if it sounds too good to be true then it probably is.

So how can you tell if a website is real or not? First lets start with one of the oldest tricks in the book, fake or replica websites. Cyber criminals are very, very good at creating websites that look exactly like legitimate online stores. You may find one by accident or it may arrive in you email inbox. Cyber criminals will send out emails that lure unsuspecting consumers to their fake website that look exactly like Walmart.com or Amazon.com  or any of the popular online stores. The email may say that you have been selected for a special sale for a limited number of customers. You will find prices you won’t believe and you may even click on the link. Here is where you get taken. That link will take you to a website that looks exactly like Walmart.com but it won’t be. Look closely; the URL or website may read Wall-mart.com or Wallmart.com or Amozon.com or something very similar to the real site but designed to trick you. Be aware! Examine the URL or web address of the website carefully for anything that does not look right. Hover you cursor over the ink and look at the web address that pops up. This is a classic scam that robs thousands of people every holiday season.

If you enter your credit card information into one if these fake websites you can bet your card will be maxed out in a matter of hours.

Smart shoppers will explore the Internet for the best bargains. And these consumers will find good deals but may question the website’s trustworthiness. Fortunately there are websites that specialize in measuring website trustworthiness. Start by learning how to identify a trustworthy website here.

logoOne of the top website trust services is ScamAdviser.com. The site is easy to use and interpret and can save you money and headaches. Simply enter the web address into box and click on ‘Check It Now’. The site will return a grade on a sliding bar that will tell you exactly how trustworthy the site is. You can see what other people have been checking by clicking on the ‘Recent Checks’ menu tab. Click on the ‘Risk Sites” tab and see instantly the websites that have been labeled risky or untrustworthy. If you have a question or interest you can find answers under the ‘Forums’ tab .

Be aware that the FBI has already warned consumers that cyber scammers will be out in force this holiday season. And again the FBI warns about deals that seem too good to be true.

The FBI warns consumer of some very common tricks. These include, as was mentioned earlier, sending phishing emails advertising hard-to-get items. If you get caught in this scam it could end up costing you more than money. You could see your holiday season go down the toilet by having all your personal and credit card information stolen. And beware of  social media traps. These traps work by offerings free $500 gift cards seemingly posted by a friend. The truth behind this trap is that your friend’s account has probably been hacked and the hacker is looking for more victims.

 Now you know.

 

 

 

 

Fake Websites and Phony Trust

www.keepcalm-o-matic.co.uk

If you follow the African-American Cyber Report you know there are certain rules that we preach constantly. You can find these rules on the homepage. But I need to point out two of those rules that come into play here. Rule #1 “The only rules on the Internet are the ones you impose and enforce.” And rule #10, “Everything on the Internet is real; just not always true.”

I encourage black people not to trust anything you see on the Internet simply because its all suspect until you verify it. That is the case with all those seals of approval you find on the Internet websites. They could be worthless because the are so easily copied and used by scammers and malicious actors online. Those badges or seals are known as “trust seals” but really they are just images, pixels, on your screens. Anyone could copy and paste these images on any webpage. Yeah it might look fancy and official but that means nothing. Check rule #10 again. Whenever you are about to buy something online or download some app or software you need to first verify that you are indeed dealing with a reputable party. You need to do your homework.

African-Americans are warned to impose their own standards on everything they do online and protect yourself from the bad actors you are bound to come across on the wild world web. Check rule #1.

You might be ready to buy software or a game or movie online or download an app and see this;  “CNET gave our software a 5-star editor’s choice rating,” or “We are a BBB accredited business with an A+ rating.” Suspicion of these statements would serve you well.

Any malware author or phisher could copy and paste a logo, seal or statement on a  malicious website in a few seconds. Someone that copies those seals or statement to mislead people would be violating copyright law but how many people are going to lose money before that person is caught and shut down?

 

And if you did not know there are literally thousands of phony, duplicate or replica websites on the Internet. You can easily get caught up in a scam or get stuck with malware, ramsomware or a virus if you are not careful. Do you home work and study how to spot phony websites.

When you see those seals or badges on a website you should be able to click on it and be taken directly to the website that provided the seal of approval. Once there the seal-provider’s website will verify whether the original website you were on is actually a recipient of the seal.

Ok, that’s how it is supposed to work. But does it really? In reality even if the site is legitimate clicking on that badge may not work. This where you have to do your homework. Take the time to go to the seal providers website and investigate to see if the software is really a “PCWorld editor’s choice” or accredited by the Better Business Bureau. Listen to me when I tell you that those seals, badges and quotes don’t mean a damn thing by themselves. You need to protect yourself. No one is going to do it for you.  Check rule #1 yet again!

In some cases doing the research may not be a easy task. Microsoft doesn’t offer an easy-to-find “certified partners” list but we found it here in case you need it. However, some seals you can click,  but again, you could be transferred to a phony replica website.  Investigate the web address closely look for misspellings that could look like the web address but is not.  This trick is called typosquatting or URL hijacking. Here is an example; www.google.com is the real website. the fake could look like this www.gooooogle.com or www.goggle.com. Look carefully at the differences.

Another problem you need to be aware of is that those seals and logos don’t always mean what you think they mean.  For example, that “Norton Secured” seal only means that the website is scanned daily for malware and other vulnerabilities. That is not considered the ultimate level of security or privacy. The BBB Accredited badge means the website’s company is registered with the Better Business Bureau. It is not an indication of the level of satisfaction of its customers. That 5-star rating from a software download site just means a reviewer at some point in the past gave that program a good rating, or the scammer gave themselves five stars. And that “Microsoft Certified Partner” badge has its own issues. It doesn’t seem to mean much at all except maybe the software works with Windows computers.

 “Be paranoid when you are online. It’s a great defense mechanism.” 

I understand all this can be confusing and even frustrating. You need to use that fear and frustration as fuel to protect yourself. But there are a few things you can trust when online. Look for the green bar on your URL window. That’s the window where you type the web address of the website you want to go to. When you see that green name next to your address bar that is a definite confirmation that the website has had its identity verified. Read more about these “Extended Validation” certificates and how they’re more trustworthy than typical SSL certificates.

The above image reveals the real PayPal website and a phony site. Notice the green in the address bar.

Lets be real about this. You will find legitimate websites displaying a fake seal. And eventually they will get caught and be forced to remove it. But how legitimate is a website that fakes its trustworthiness? What you should worry about are the pop up sites that are here today and gone today. These are the site that distribute malware, launch phishing scams and steal data. Its those websites that get the most benefit from stealing these seals. They are breaking the law anyway so faking a seal-provider’s logo or seal is really no big deal for them. Be most cautious when it come to financial websites like your bank. A fake website like www.wellsfago.com is waiting for you to log on thinking its www.wellsfargo.com.

Its the Internet; trust no one.

Now you know