Non-Trusted or Malicious Web Sites contain code
that may intentionally modify your computer
or network without your consent or
knowledge, causing harm. In many cases
infections can occur without having to run
any programs or open any attachments. This
is due to vulnerabilities on Web browsers,
operating systems or lack of security
software.
Currently there are tens of thousands of
malicious websites on the Internet. Some
of these sites can be reputable and trusted
companies that have unknowingly had their Web
servers compromised.
Web Site Delivery
Techniques Include:
 |
The inclusion of HTML disguised links within
popular web-sites, message boards. |
|
|
The use of third-party supplied, or fake,
banner advertising graphics to lure you to the Phishers web-site.
|
|
|
The use of web-bugs (hidden items within
the page - such as a zero-sized graphic) to track a potential customer in preparation
for a phishing attack. |
|
|
The use of
pop-up or
frameless windows to disguise the true
source of the Phishers message. |
|
|
Embedding malicious content within the
viewable web-page that exploits a known vulnerability
within the customers web browser software and
installs software of the Phishers choice. Abuse of trust relationships within the
customers web-browser configuration to make
use of site-authorized scriptable components
or data storage areas. |
Malicious web sites
A malicious web site contains code
which installs a harmful program such a
Trojan, computer virus or adware onto
your computer. If visited, the web site
may appear to be completely ordinary,
but behind the scenes it will be
installing the malicious code and this
may not be apparent, although sometimes
a program will launch unexpectedly, or
you may notice a lot of activity on your
Internet connection as the files are
downloaded. The malicious code may be
disguised within the page, so cannot be
easily be identified, unless you have
specialist knowledge. Even the plainest
looking page can conceal malicious code
behind the scenes.
Spoofed URLs ( Web Sites):
Viruses and Spyware can create code on
your computer and manipulate your Web browser. This
will trick you into going to a fraudulent Web site.
Some examples include task bar replacements or
address location bar that redirect you to a
different but similar looking site. Spoofed Web
Sites are deceptive Web sites that display the
address, or URL, to a legitimate Web site in the
Status bar, Address bar, and Title bar.
Spoofed URLs:
Many high-tech techniques have been developed to
spoof URLs. One technique involves using
JavaScript that covers the URL window at the top
of the user's browser with a graphic or text.
Others use browser-specific vulnerabilities to
obfuscate the URL. Both esult in the legitimate
URL being displayed instead of the fraudulent
URL. Furthermore, it is possible to have URLs
that contain specially encoded characters that
resemble standard ASCII characters, which can
also be done with International Domain Names
(IDN) to make addresses display nearly identical
to the website being spoofed.
Misspelled, Cousin
or Similar-Sounding URLs: In
this case, the fraudulent website has a URL that
sounds similar to the targeted company (e.g.,
www.searss.com ). A cousin URL resembles the
authentic URL of a trusted institution (e.g.,
www.aol-wallet.com ).
Only IP Address:
Rather than a URL, the website uses
an IP address. This could confuse non-technical
users, who might trust a website identified as a
string of numbers as opposed to a website with a
suspicious-sounding URL.
