The use of bogus news sites to mislead people is not a new phenomenon. This devious tactic dates back well over a decade. Upon initial viewing, and to an untrained eye, these news websites look legit. Their layout is very similar to how a real news portal would look. They are localized to a specific city, and appear to have a robust build, like deep navigation, a members-only area, and comment threads. They are also sprinkled with fake testimonials about how much money they are making, deceptive imagery and seemingly real news video footage.
The links within these fake news sites divert people to various work-at-home program pages, typically consisting of a 3-step sign-up process. The form collects a person’s first and last name, email address, phone number and country.
The next page collects payment, typically via a credit card and utilizing PayPal or ClickBank, as is the case here. Ironically enough, ClickBank is a legitimate marketplace, used heavily by affiliate marketers.
The payment process does appear to be secured by a valid certificate, but after the credit card number is submitted, there’s no guarantee that payment will ensure delivery of the work-at-home program in question. Our researchers warn about the likelihood of a grander scam, in which the credit card could get charged in excess of the quoted price, or worse yet, sold and resold ten times over all over the world.
It can be very difficult for ordinary people to judge whether these types of work-at-home programs are real or not, and most traditional anti-virus software will lack adequate detection capabilities to help make educated assumptions. zveloLABS® engineers are consistently analyzing these types of scams, probing for patterns in structure, code, and other elements, all to help better auto-detect these web threats in real-time, which is now a mandatory capability. End-users should check with their anti-virus or web filtering solution provider to determine how these scams are handled, if at all. Without the adequate real-time detection systems in place, users are left to fend for themselves, which during times of financial desperation can have extremely negative outcomes.
Sample List of Fake News Websites Used for This Analysis
http:// www . newsdaily7 . co . uk/
http:// daily7-business . net/business/2010-live70/
http:// www . 7newsdaily7 . com/
http:// nationalnewsdaily7 . com/
http:// newsinsider6 . com/
http:// www . news6 . com-2011 . org/news6/
UPDATE:
The sample URLs listed above and analyzed for this blog post have been taken down. It is quite common for websites littered with spam, that promote scams or host malicious code to go offline quickly after being launched. They can be online for mere minutes in some instances. This raises the need for a malicious website detection engine that can identify URLs as they go live, and one that can revisit URLs to account for their short online life spans.
