Windows 10 News and info | Forum
November 12, 2018, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Scammers Ride on Voter Info Website Popularity to Push Scareware Alerts  (Read 8 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 29153


I Do Windows


WWW Email
« on: November 05, 2018, 02:54:18 PM »
ReplyReply

Online swindlers looking for a quick buck are using a domain that can be easily confused with a voter information website to redirect users to pages pushing various types of scams.

With the US midterm elections on November 6 and English comedian John Oliver promoting the website on his show last week, visits to VOTE411.org increased significantly.

Top-level domain confusion

The boost in popularity during this period draw the attention of online scammers who used the .com version of the original domain to point visitors from macOS and iOS platforms to pages showing fake malware infection alerts.

The scammers attempt to take advantage of the users that do not pay attention tot he TLD (top-level domain) detail and instead of adding.ORG at the end of the domain name they go with the more popular.COM.

This is the classic technical support scam where the victim is supposed to call a number to receive paid assistance in removing the threat. Pretending to be part of a popular company's support staff the scammers' purpose is to trick the victim into paying for fake services.

Amanda Rousseau of Endgame discovered the VOTE411 scam and recorded the redirects coming from the .com variant. The alert that pops up on the screen says that the iPhone is infected with the Pegasus spyware (known as the creation of the Israel-based company NSO Group) and provides a phone number for assistance.



The fraudsters have set up multiple redirects, some of them for pages specifically designed for iOS users.



Lukas Stefanko of ESET also analyzed the scam and says that it does not attempt to deliver a binary. "Most of the time, it leads people to SMS subscription or to lure credit card details," he replied to Rousseau.

He added that when he loaded the website on an Android device he received a localized version of the scam that enticed the user with the opportunity to win a $6.5 million jackpot.



It is easy to confuse the name of a domain and land on a dangerous page. The typical recommendation when a website shows alerts about your system being infected with malware is to close it immediately.

source
« Last Edit: November 05, 2018, 03:14:59 PM by javajolt » Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page November 06, 2018, 08:34:18 AM