May 27, 2011

Fake Epsilon breach warning tricks users

Among the most annoying things you can find online are pages that pretend to offer or try to push a service in order to make money by simply referring the user to another site.

While I can appreciate that some people are good at making money practically out of nothing, I get really irritated when these schemes try to frighten users into doing something.

Take the latest example that has been pinpointed by ISC:

The page in question is a landing page with the following URL: www.financialalertssystem.com/5/t/14.php?engsec=10&target=example.com. The last parameter, target (here example.com), was inserted by the researchers simply to make the page innocuous, but it can be changed to any other domain.

As the target parameter changes, so does the domain name throughout the text, making the page easily customizable for targeting users of various online services. A bit of JavaScript also makes the date in the page always current, so that the user is pressured into acting immediately.
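Because the impersonated brand is carried openly in the query string, a defender can look for it in web proxy logs. The following is an added example, not code from the original post or from ISC: it scans constructed proxy log lines (assumed format: timestamp, client IP, method, URL) for requests to third-party hosts whose `target` parameter names one of our own monitored domains.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed proxy log lines for this example: "<time> <client_ip> <method> <url>"
SAMPLE_LOG = """\
1306454400 10.0.0.5 GET http://www.financialalertssystem.com/5/t/14.php?engsec=10&target=example.com
1306454402 10.0.0.5 GET http://www.example.com/account/login
1306454410 10.0.0.9 GET http://www.financialalertssystem.com/5/t/14.php?engsec=10&target=Example.COM.
1306454415 10.0.0.7 GET http://cdn.partner.test/ads/show?target=other.test
"""

# Our own brand domains; seeing one of them in a third party's target parameter is suspicious.
MONITORED = {"example.com"}

# Query parameter names that carry the impersonated brand; the article shows only "target".
BRAND_PARAMS = ("target",)


def normalize_domain(value):
    """Lower-case, drop a trailing dot and a leading www. so comparisons are stable."""
    d = value.strip().lower().rstrip(".")
    return d[4:] if d.startswith("www.") else d


def is_same_or_subdomain(host, domain):
    return host == domain or host.endswith("." + domain)


def find_brand_abuse(log_text, monitored):
    """Return one hit per request to a third-party host whose query string names a monitored brand."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # malformed line: skip it rather than abort the whole scan
        ts, client, _method, url = parts[:4]
        u = urlsplit(url)
        host = normalize_domain(u.hostname or "")
        params = parse_qs(u.query)
        for name in BRAND_PARAMS:
            for raw in params.get(name, []):
                brand = normalize_domain(raw)
                # The brand's own site legitimately references itself; only flag other hosts.
                if brand in monitored and not is_same_or_subdomain(host, brand):
                    hits.append({"ts": ts, "client": client, "host": host, "brand": brand})
    return hits


if __name__ == "__main__":
    for hit in find_brand_abuse(SAMPLE_LOG, MONITORED):
        print(hit)
```

Each hit identifies the client that landed on the scare page, so the team can warn the user and add the serving host to a block list.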

In this particular case, the page is intended to scare people into purchasing a credit report by mentioning the recent Epsilon data breach.

For a careful user, the page does not present a danger - a simple glance at the bottom of the page reveals a pretty straightforward disclaimer that says that the site in question is not sponsored by or affiliated with [TARGET PARAMETER] and that [TARGET PARAMETER] has not authored, participated in, or in any way reviewed this advertisement or authorized it.

It also explicitly states that the site is an ad, and that the author is paid for clicks that go through or for the purchase of products featured on it. And if all that doesn't make the user pause and think twice, let's hope that this sentence does: "This website, and any page on the website, is based loosely off true stories, and is a fictitious account."
