by Larry Magid
This post appeared in the Mercury News
Microsoft’s revelation that it has discovered and disabled websites controlled by a group with ties to the Russian government is not only a warning to political operatives from both parties, but to everyone who receives email or goes to websites.
Realistic looking URLs
The sites in question used domain names that were similar — but not identical — to prominent conservative think tanks in an attempt to lure people into visiting those sites.
One example of a fake site was “Hudsonorg-my-sharepoint.com,” which included the the name and URL (web address) of Hudson Institute whose real URL is Hudson.org. Another is my-iri.org, a spoof site posing as the International Republican Institute, whose actual URL is IRI.org.
It’s important to look at the web address of any site before you click or provide any information.
If you get an email asking you to visit a site, examine the URL before you click on it. Usually (though not always) the organization’s name will be just before the .com, .org or .net. Most prominent organizations’ URLs will end in one of those domains rather than something like .email or .group. This isn’t a hard-and-fast rule. Some organizations might choose one of those newer domain designations and sometimes a group can’t get a URL with its own name so it has to change it up a bit.
If you see something that looks like a derivation of the group’s name, this should — at least — be a yellow flag. When in doubt, do a search; but even then, there is the possibility of a bogus listing, especially if it’s not the first search result for that organization.
Don’t fall for a realistic-looking website. It’s very easy to create a site that looks exactly like the site it’s spoofing, and if the hackers are sophisticated (as they almost always are when affiliated with governments), there may be no telltale signs other than the web address.
Dangers of spoofed sites
Also, never enter any personal information on a site unless you’re very certain it’s legitimate. This is a way for attackers to harvest names and contact information and, if you make a donation or purchase, steal both your money and your credit card information, which it can then exploit or sell to other criminals.
Never login or create an account on a site you’re not certain of because it could be used to capture your username and password and avoid using the same passwords for multiple sites (go to www.connectsafely.org/passwords) for advice on how to create easy to remember unique passwords.
But even if you don’t enter personal information, the site can easily track your IP address (which, in some cases, can be traceable to you, or your company, if you’re at work) and it’s possible for a site to download malware on your device, which can give hackers control of your device and access to your files, the websites you visit and what you type at the keyboard.
Also be careful about what you download. A PDF or other file on a fake site could subject you to malware.
Beware of search results
Usually, but not always, if you search for an organization or company, its legitimate site will come up as the first site in the actual listing. However, it is possible that a fake or unrelated site could come up first, and some may come up shortly below the first. Also, it is very possible that a paid (ad) link for a site not affiliated or owned by the company or organization will be listed above the search results.
For example, if you search HP support, you will probably get a site at HP.com as your first listing, but you will also get sites that are not affiliated with HP — such as one whose URL begins with “HPsupportassistant.”
I hate to admit this, but I almost fell for such a scam. My HP printer had a paper jam that I couldn’t fix, so I searched Google for “HP Support” to find their phone number and accidentally wound up calling a third party. My first clue was that a person answered the phone right away (sadly, that almost never happens with real support lines) but when I explained that I had a paper jam, he asked me to download software so that he could “fix” it. I knew there is no software fix for a paper jam and took another look at the site, and I hung up when I realized I had fallen for a fake one. I knew that for sure, when I realized that the site didn’t end in HP.com, which is the official URL for HP.
Take some time to avoid ‘wrong turns’
We’re all in a hurry and we have a tendency to click on web addresses and even links on sites we visit without giving it too much thought. I’m guilty as are many others. But we need to be a little more thoughtful. Just as we avoid turning down the wrong street when we’re walking or driving, we need to avoid going to the wrong sites when we’re online.