BANGALORE, INDIA: Websense ThreatSeeker Network has detected a dangerous new trend in phishing scams. According to a report by the web security firm, a number of fraudulent web sites have now made it into the global top 250 of the Alexa ranking.
According to Websense, some of the fraudulent sites rank even better than genuine big name portals. In this campaign, the fraudulent sites pretend to be from YouTube, and they try to lure you in by saying you have been selected to complete a survey for a chance to win a gift such as an iPhone 4S.
The web security firm's investigation has further found that survey campaigns that spread in social networks are usually localized by area or language. This means that traffic for spam sites used in campaigns is limited to related countries or regions.
However, video rewards survey campaigns can spread globally as they have a high Alexa rank in almost every country, and they have no language barrier. Additionally, the spam site server checks the IP addresses of visitors and shows the location information on the page to appear more authentic. One of the spam sites used in this campaign is video-rewardz.com, which, at its peak, reached Alexa’s top 250 list. The spam site has a high Alexa rank dating from Dec 19th 2011. The spam site is still available now and has a lot of traffic.
The major source of traffic to the fraudulent sites is mistyping of the twitter.com address, the Websense investigation has found. To drive traffic to such sites, the attacker needs to register several typosquatting sites for Twitter and redirect each typosquat site to another site such as video-rewardz.com. This explains why it is a global spam campaign and why it can generate so much traffic: Twitter is a very popular site, and it is easy for people to mistype its URL.
To prevent such attacks, some big names like Google or Facebook have registered some names that can be easily mistyped for their portal. However, Twitter has not done this, which makes it susceptible to such attacks and gives the spam sites an extremely high Alexa rank.
Listed below are typosquatting sites registered by attackers:
ttwitter.com
twwitter.com
twiitter.com
twittter.com
twitterr.com
twutter.com
twiter.com
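The typosquats listed above are each one keystroke slip away from twitter.com, which makes them detectable in resolver or proxy logs. The following is an added example, not part of the Websense report: it names the slip behind a queried host and flags such queries in a log. The slip labels, function names and log format are assumptions, the log lines are constructed, and the classifier also covers transposition and arbitrary insertion, which go beyond the slips seen in the list.

```python
QWERTY_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")

def adjacent_keys(a, b):
    """True when a and b sit next to each other on one QWERTY row."""
    return any(a in r and b in r and abs(r.index(a) - r.index(b)) == 1
               for r in QWERTY_ROWS)

def classify_typo(host, brand="twitter.com"):
    """Name the single keystroke slip that turns brand into host, else None."""
    labels = host.lower().rstrip(".").split(".")
    name, tld = brand.split(".")
    if len(labels) < 2 or labels[-1] != tld or labels[-2] == name:
        return None
    cand = labels[-2]                      # registered label, subdomains ignored
    if len(cand) == len(name) + 1:         # one extra character
        for i in range(len(cand)):
            if cand[:i] + cand[i + 1:] == name:
                repeated = cand[i] in (cand[i - 1:i], cand[i + 1:i + 2])
                return "repetition" if repeated else "insertion"
    elif len(cand) == len(name) - 1:       # one missing character
        if any(name[:i] + name[i + 1:] == cand for i in range(len(name))):
            return "omission"
    elif len(cand) == len(name):
        diff = [i for i in range(len(name)) if cand[i] != name[i]]
        if len(diff) == 1:                 # one wrong key
            i = diff[0]
            return "adjacent-key" if adjacent_keys(cand[i], name[i]) else "substitution"
        if (len(diff) == 2 and diff[1] == diff[0] + 1
                and cand[diff[0]] == name[diff[1]] and cand[diff[1]] == name[diff[0]]):
            return "transposition"         # two neighbouring keys swapped
    return None

# Constructed resolver-log lines (client address, queried name); not real data.
SAMPLE_LOG = """\
10.0.0.5 twitter.com
10.0.0.7 www.twiitter.com
10.0.0.9 twutter.com
10.0.0.9 twiter.com
10.0.0.12 example.org
"""

def flag_lookalikes(log_text, brand="twitter.com"):
    """Return (client, host, slip) for every query one slip away from brand."""
    rows = (line.split() for line in log_text.splitlines() if line.strip())
    return [(client, host, slip) for client, host in rows
            if (slip := classify_typo(host, brand))]

if __name__ == "__main__":
    for hit in flag_lookalikes(SAMPLE_LOG):
        print(*hit)
```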
Additionally, Websense has found other spam sites related to this campaign: