Malware syndicates are constructing 57,000-plus new malicious websites each week to rip off Internet users and spread even more malicious code, according to a new study conducted by security software vendor Panda Security.
eBay, Western Union and Visa are the three most-targeted companies, accounting for more than half of all the bogus websites created during the three-month investigation.
There are several machinations of the scam, but all of them have the same goal: confusing or tricking people into believing they're visiting a legitimate site, extracting their passwords and banking or credit card numbers, and then quickly using this information to steal cash or use the account details to purchase other goods and services.
Sometimes victims are directed to the faux websites through links embedded in spam. Other times they appear after hackers have gamed search engine queries. Still others are stumbled upon when users accidentally mistype the URL for a legitimate bank or ecommerce site.
"Although search engines are making an effort to mitigate the situation by changing indexing algorithms, they have so far been unable to offset the avalanche of new websites being created by hackers every day," Luis Corrons, PandaLabs' technical director, said in the report.
Hackers for years have targeted legitimate websites with complex SQL injection attacks that embed malicious code -- often iframe loads with Trojans or worms -- on legitimate sites to do their dirty work for them. Now, the trend is to simply build corrupt sites and, with the trap set, sit back and wait for potential victims to come to them.
Panda Security researchers found that banks comprise more than 65 percent of the fake websites they unearth, with HSBC, Bank of America and Bendigo leading the parade. Online auction and ecommerce sites, such as eBay and Amazon checked in second at 27 percent of the bogus sites discovered.
In June, online gamers learned firsthand just how effective and destructive these malware campaigns can be when Baidu.com, the most popular search engine in China, was infected with a blackhat SEO scam that pushed some 50 million-plus registered to its Mop.com gaming sites infested with a variety of phishing (define)exploits.
"Given the proliferation of this technique, we advise consumers to visit banking sites or online stores by typing in the address in the browser directly rather than using search engines or links in an email," Corrons said.
Return to security news headlines
View Security News Archive