The Common Typo That Can Steal Your Computer

The latest ploy cyber criminals are using to spread ransomware and other types of computer malware to provide them with remote access to your computers or to steal log-in credentials: After buying domain names with a missing or misplaced letter in website addresses belonging to well-known companies, they simply wait for you to make a typo.

The biggest threat results in the most common typos — either a misplaced or missing “c” (such as typing amazonc.om or amazon.om) so a web address ends with “.om” instead of “.com”.

Those two Amazon domain names are among more than 300 .om-ending domain names that hackers have purchased for this new malware-spreading scheme. Here’s the complete list, which also spoofs Facebook, LinkedIn, AOL, banks including Bank of America and Wells Fargo, pharmacies CVS and Walgreens, retailers such as Walmart and JC Penney, and even online porn sites.

FREE DOWLOAD: Ransomware: A Growing Cyber Threat

True, cyber criminals have long used website addresses with a missing, extra or misplaced letter to spoof those belonging to well-known brands for typo trickery. But the usual MO has been to lead consumers to copycat websites that sell counterfeit goods, aim to steal credit card info that people provide for supposed purchases, or promise a prize to those who complete a survey that actually mines for sensitive personal information.

RELATED: The Union Built Cloud: Protection You from Cyber Criminals

This new malware-spreading angle — called typosquatting — was discovered when researchers mistyped Netflix.om instead of the correct Netflix.com, and was redirected through a series of dubious pop-up ads and, eventually, to a malware-infested site that prompted him to download a file that appeared to be an Adobe Flash Player update. That familiar fake “Flash Update” usually serves up risky (and possibly malware-laden) pop-ups and other annoyances on computers, so don’t download or install it.

Researchers says that most of the .om-ending sites it discovered operate the same way: They don’t directly install malware but, instead, lead to other infected pages. So that’s good news, at least.

typesquatting-cyber-terrorism

In addition to .om-ending risks, other typosquatting tricks that may result in malware that gives hackers control of your computer and everything on it include website addresses with doubling characters (“googgle.com”), missing letters (“gogle.com”), adjacent keys (“googlw.com”) and letter swapping (“googel.com”).

RELATED: Cyber Terrorism: Why You’re Vulnerable

So carefully read what you type before hitting Enter to access a website, especially if you’re a fast or fat-fingered typist. That’s also a good practice to follow before clicking on links that appear in search engine results or online advertisements; they, too, may have typos that spell trouble.

Backup is the Best Protection for your Data

We recently published a white paper to educate and guide you through the growing threat of Ransomware as well as information on Union Built Cloud services, a best-in-class secure data storage solution that automatically backs up your data keeping it out of the hands of cyber criminals. Use them and navigate the web with a lot more peace of mind.

Learn more about the Union Built Cloud, contact us with your cyber security questions and concerns and Like Union Built PC on Facebook, Follow us on Twitter and LinkedIn and subscribe to the Union Built PC monthly email newsletter for Union News delivered straight to your inbox.

Advertisements

99% of Computers Are Vulnerable to Cyber Terrorism… Yes, this means you!

Did you know 99% of computers are vulnerable to cyber terrorism?

99-percent-of-computers-are-vulnerable-heimdal-security

Cyber security fact…

Oracle Java, Adobe Reader or Adobe Flash is present on 99% of computers. That means that 99% of computer users are vulnerable to exploit kits (software vulnerabilities).

Why?  Because the vulnerabilities that these types of software often present are extremely critical: all it takes is one click on an infected advertising banner to give a hacker full access to your computer.

Adobe Flash has a huge number of vulnerabilities, so cyber criminals target it in the majority of their attacks. By using these security holes in Flash, attackers can infect your computer with ransomware, such as various CryptoLocker variants or Teslacrypt and CTB-Locker.

FREE DOWNLOAD: The Growing Threat of Ransomware and How to Stay Safe

Without adequately protecting your browsers and your entire system, you’ll leave yourself vulnerable to a huge range of cyber threats.

How it affects you and what can you do to get protected:

  • Keep your software updated at all times (the experts say so, not just us) or install a solution that does that automatically and silently.
  • Keep your operating system up to date.
  • Install an AV solution and a supplement that can do what AV fails to do: protect your system proactively from cyber threats by scanning incoming and outgoing Internet traffic.

In addition…

social-media-hacking-heimdal-security

Social Media is a hackers’ favorite target!

Currently, according to in depth statistics, there are more than 1.6 billion social network users worldwide with more than 64% of internet users accessing social media services online. Moreover, social networking is one of the most popular ways for online users to spend their time, and a preferred way to stay in contact with friends and families.

This is precisely why cyber attackers love social media as well! Users that spend a lot of time on social networks are very likely to click links posted by trusted friends, which hackers use to their advantage.

Here are some of the most popular types of cyber attacks directed at social media platforms:

  • Like-jacking: occurs when criminals post fake Facebook “like” buttons to webpages. Users who click the button don’t “like” the page, but instead download malware.
  • Link-jacking: this is a practice used to redirect one website’s links to another which hackers use to redirect users from trusted websites to malware infected websites that hide drive-by downloads or other types of infections.
  • Phishing: the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by disguising itself as a trustworthy entity in a Facebook message or Tweet.
  • Social spam: is unwanted spam content appearing on social networks and any website with user-generated content (comments, chat, etc.). It can appear in many forms, including bulk messages, profanity, insults, hate speech, malicious links, fraudulent reviews, fake friends, and personally identifiable information.

Why are cyber attacks on social media so frequent?

Because social media users usually trust their circles of online friends. The result: more than 600,000 Facebook accounts are compromised every single day! Also, 1 in 10 social media users said they’ve been a victim of a cyber attack and the numbers are on the rise. Now this is a cyber security statistic which we don’t want you to become part of.

How it affects you and what can you do to get protected:

  • Don’t click any strange links.
  • Educate yourself about how cyber attacks look and work on social media platforms and learn how to protect your Facebook, LinkedIn, Twitter and Instagram accounts.
  • Install a solution that can protect you against malware and dangerous web locations.

No threat is too small, no protection is too strong

However big or small, cyber security threats should be treated with caution. You may not be a millionaire (yet) or a C-level manager, but that doesn’t mean that you’re protected against a potential hacker attack. Don’t spare any precautions you can take and try to develop your own protection system with the tools and information you find online, such as this list of cyber security facts.

Backup is the Best Protection for your Data

We recently published a guide to educate and guide you through the growing threat of Ransomware as well as information on Union Built Cloud services, a best-in-class secure data storage solution that automatically backs up your data keeping it out of the hands of cyber criminals.  Use them and navigate the web with a lot more peace of mind.

Learn more about the Union Built Cloud, contact us with your cyber security questions and concerns and Like us on Facebook, Follow us on Twitter and LinkedIn and subscribe to the Union Built PC monthly email newsletter for Union News delivered straight to your inbox.

UNION BUILT PC TOOLS AND RESOURCES

FREE DOWNLOAD:
Ransomware: A Growing Cyber Threat

The Union Built Cloud: Protection You from Cyber Criminals

Download the Union Built Cloud Brochure

Cyber Terrorism: Why You’re Vulnerable

5 Common Computer Problems and How to Fix Them