Internet Scams and Phishing: A Look Inside the Business

by Brian Prince

This graph shows the geographic distribution of servers hosting phishing pages in August.

The unique domains were home to more than 60 percent of the phishing attacks observed by Symantec last month, while Web hosting services and automated toolkits were responsible for 14 percent and 16 percent, respectively. The number of non-English phishing sites increased slightly by nearly 1 percent. Among the non-English phishing sites, sites in French and Italian continued to be higher during the month.

According to Panda Security, eBay was the most popular high-profile brand mimicked by scammers during a recent three-month investigation. Often links to these sites are spammed out along with messages warning users their eBay accounts are going to be suspended if they don’t log in.

Security researchers have noted several fake Websites offering car shoppers discounted vehicles. These sites typically request the victim make a payment towards purchasing the vehicle.

This site cyber-squatted playing off the Viagra brand. However, the site, detected by MarkMonitor in 2007, uses a phony seal of approval from the Certified Canadian International Pharmacy program. The site, which is still taking orders, does not require proof of a prescription for purchases, MarkMonitor told eWEEK.

According to Panda Security, the creators of phony Websites love to target high-profile brands, starting with eBay, Western Union and Visa. Other brands commonly targeted include the United Services Automobile Association, HSBC and Amazon.

Research by MarkMonitor examined 20 of the top 1,000 product-related searches in 2008 with a focus on paid search ads on Google, Yahoo and Bing. In total, 583 unique Websites the ads pointed to were analyzed. According to the company, roughly 17 percent of the paid search ads for popular consumer products—such as designer handbags and shoes, music, movies and hi-tech gadgets—led to sites likely offering counterfeit or pirated goods.