dcsimg

The Web's Shadiest Neighborhoods: What You Need to Know

  • The Web's Shadiest Neighborhoods: What You Need to Know-

    Risky Activity

    Fake video attacks are increasingly common as a successful threat targeting social media users.

    In a different twist on a fake video attack, the highest-trafficked ".country" site observed by Blue Coat on a day in mid-June was part of a "shocking video" scam network.

    This increasingly common scam leads visitors to a "teaser page," usually designed to make them believe they are visiting YouTube, when in reality they are on a fake site that has no legitimate tie to YouTube. The non-working 
video includes fake comments immediately below it from someone wanting 
to know how to get the video to play, and someone else explaining that you have to "share" or "like" the video first, or take an online survey. When visitors follow these instructions, they either divulge personal data in the survey, or the scammers spam their Facebook friends.

    Blue Coat sees this campaign frequently, often with sites that get hundreds of attempted visits per day, so people are clicking on it. Nearly all of that traffic is coming from Facebook, so the scammers' scheme works.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

The Web's Shadiest Neighborhoods: What You Need to Know

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
  • The Web's Shadiest Neighborhoods: What You Need to Know-7

    Risky Activity

    Fake video attacks are increasingly common as a successful threat targeting social media users.

    In a different twist on a fake video attack, the highest-trafficked ".country" site observed by Blue Coat on a day in mid-June was part of a "shocking video" scam network.

    This increasingly common scam leads visitors to a "teaser page," usually designed to make them believe they are visiting YouTube, when in reality they are on a fake site that has no legitimate tie to YouTube. The non-working 
video includes fake comments immediately below it from someone wanting 
to know how to get the video to play, and someone else explaining that you have to "share" or "like" the video first, or take an online survey. When visitors follow these instructions, they either divulge personal data in the survey, or the scammers spam their Facebook friends.

    Blue Coat sees this campaign frequently, often with sites that get hundreds of attempted visits per day, so people are clicking on it. Nearly all of that traffic is coming from Facebook, so the scammers' scheme works.

Much like in the streets of New York City in "Ghostbusters," suspicious activity is happening in varying degrees all over the web. The relative risk of visiting a website in a "shady" neighborhood can vary dramatically depending on who is managing the "residents" there.

What many users may not realize is that the letters following the "." in a website address represent a top-level domain (TLD) – essentially a "neighborhood" of addresses – maintained by a specific company or group. Ideally, TLDs would all be run by security-conscious operators who diligently review new domain name applications, and reject those that don't meet a stringent set of criteria.

Unfortunately, the reality for many of these new neighborhoods is that they go unpoliced, like Slimer wreaking havoc on the 12th floor of the Sedgewick Hotel. To avoid getting slimed, businesses and consumers need guidance to understand how safe, or how shady, these new TLDs may be considered for web security purposes.

Courtesy of Blue Coat research, let's take a closer look at the web's shadiest neighborhoods.