Oh, the joy of the Holidays. You may, like many, decide to buy some (or all) of your gifts online this year. And why not? Why go out in the cold, snow and slush, fight traffic, and have to walk a mile from the only available parking spot? Why push through aisles of crabby people only to find out that the person in front of you just bought the last Nerf N-Strike Stampede?
When you could have just stayed home in your jammies and fuzzy slippers and ordered it online…
Shopping online is fantastic. But unfortunately there are some modern day Grinches out there that try to ruin it for everyone. That latest e-mail you received from a “name brand” store that has the super Nerf Vulcan Automatic Heavy Blaster for half price just may not be legit. It could be a fake e-mail that leads you to a spoofed site.
Spoofed sites are a common technique that hackers use to collect personal & financial information from unsuspecting victims. A spoofed site is a site that is run by hackers, and is camouflaged to look like the website of a real store. Many times it is very hard to tell the difference between a spoofed site and a real one. Here are some browser screenshots comparing legit websites with sample spoofed sites.
See if you can tell them apart (Click images for larger view):
Wow, pretty much identical. The one on the top is the original site. The one on the bottom is fake. The only discernable difference is the address bar. If you look closely, the real site says “http://www.sears.com” while the fake site says “http://192.168.96.128”.
The address 192.168.96.128 is not a valid routable internet address, but a real spoofed site would be using a live IP address. Internet explorer 8 ties to help you out against these types of attacks by highlighting the website (domain) name in the browser. If you look at the address bar on the top, sears.com is in bold.
Here is another example:
Okay, these ones aren’t quite identical, but this shows that spoofed sites can look and behave just like the real ones. The advertisements have dynamically updated on the spoofed site just as they would on the real one. So advertisements beside, the only real difference is the address bar.
If you look closely, the real site has “amazon.com” highlighted and again the fake site just lists an IP address. One other difference is the icon in the address bar. The real site has the Amazon icon and the fake one has the generic internet explorer icon. But this is not always the case.
Using the IP address is just one tactic hackers use. For additional ways site names are spoofed check out my article, “Spoofing a Website Address: How to Obscure a URL”.
Please be careful this Holiday Season as you shop for your loved ones. Be leery of using links in e-mails, especially in unsolicited mail. You can always manually surf to the website yourself and find any deals that are legit.
Have a happy and safe Holidays!