Be Careful What You Click For
The strongest firewalls and most savvy anti-virus/anti-spam software can't protect you from phishers. Here's how to not get caught in their nets.
by Joseph Moran
Even if you've never fallen victim to phishing and we certainly hope you haven't you're probably familiar with the term, which refers to an attempt to lure someone to a legitimate-looking Web site via an e-mail link. The site, of course, turns out to be bogus, usually set up as a way to fraudulently obtain your personal financial data. (McAfee offers an online quiz to help you distinguish real sites or e-mails from phishing ones here.
Phishing is an especially malevolent practice, but it turns out that the Web is teeming with all kinds of sites designed to mislead you to one degree or another.
These ersatz sites may not necessarily be looking to steal your bank or credit card account numbers, but that doesn't mean they're not targeting your wallet, as you'll see in a moment. Two practices in particular called domain parking and typosquatting are things that any knowledgeable Web surfer should be familiar with before firing up their browser.
First, a bit of background. Over the past few years, the growth of pay-per-click advertising through Google, Yahoo and others has made Web traffic very lucrative. This has lead to an explosion of domain parking by "domainers," many of whom are making small (or sometimes rather large) fortunes by registering domain names, filling their pages with advertising links and then collecting revenue each time someone clicks on one of them.
There's nothing inherently wrong with pay-per-click advertising; indeed, it's used all over the Web. But a common tactic of domain parkers is to register domain names that contain a popular search terms (or closely-related words). This is designed to ensnare people that, either inadvertently or because they don't know any better, type what they're looking for directly into their browser's address bar rather than a search engine.
This usually results in a page of links that have all paid to be there, as opposed to a search engine query in which the majority of the links presented are based (broadly speaking) on popularity. (Search engine results also include some paid links of course, but they're clearly identified as such.) While many perhaps even most of the ads on parked pages may lead back to legitimate and reputable entities, it's important to remember that it's payment and not prominence that determines what links a parked page offers you.
A particularly pernicious form of domain parking is typosquatting, in which someone will intentionally register common misspellings of popular Web sites for the express purpose of intercepting those looking for the legitimate site. For example, www.circuitcity.com is the official site of the well-known electronics chain, but if you accidentally enter www.curcuitcity.com, (an easy misspelling to make) into your browser, you'll find yourself somewhere else entirely.
Similar examples abound on the Web. Many of these sites are nothing more than crude collections of text ads that wouldn't fool an alert surfer into thinking they were on a legitimate site. But just like spam, typosquatting exists because lots of people do get taken in by it, if for no other reason than they're not paying close enough attention to what they're doing.
Companies are increasingly pursuing legal action against typosquatters based on trademark infringement laws, but typosquatting can also be used to exploit misspellings of top-level domains like .com. Some domainers are reportedly working on deals within countries like Camaroon (.cm) Colombia (.co), and Oman (.om) whose national domains conveniently lend themselves to typos of .com.
Fortunately, some companies are attempting to mitigate typosquatting by registering misspellings of their names themselves (go to amaxon.com and you'll see what I mean). Another thing you can do to get a modicum of protection from typosquatting is to use OpenDNS. DNS, or Domain Name Service, is the database that allows your system to locate the sites you type into your browser, and OpenDNS will automatically correct misspellings of top-level domains. All you need to do to use OpenDNS is enter it's DNS server addresses (18.104.22.168 and 22.214.171.124) into your broadband router DNS settings (check your router docs for specifics).
The best way to avoid any unpleasant effects of domain parking or typosquatting is first and foremost to be alert. You should never use the browser address bar as a search engine, and although it's easy to lapse into a sort of autopilot mode while browsing the Web (especially if you're a heavy multitasker), always pay close attention to what you type into your browser, to the site that loads, and to any links you click while there.
Joe Moran is a regular contributor to PracticallyNetworked.
For more help, don't forget to try one of our PracticallyNetworked Forums.
|Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums|