This is how they are spoofing e-commerce websites
After searching several pages for the best alternative to buy a high-end cell phone, Luis * came across a link to a site where the device was offered much cheaper than what he had seen on some websites. It was, supposedly, in one of the best-known e-commerce pages in the country and the region, so he felt confident to continue with the purchase.
You may be interested in: User data leaked from 533 million Facebook accounts
The platform looked almost the same as Free market, it had a very similar URL, the interface corresponded to the design of the brand, it included the same menu and sections of the ‘e-commerce’ and, finally, it had the padlock next to the link, which guarantees that it is a secure connection .
Everything seemed very reliable, so he decided to purchase the equipment. The seller who appeared in the website indicated that he could make a consignment if he did not want to make the purchase directly in a gateway of pay on line. Option to which Luis agreed.
After a few days of waiting, there was no news of the shipment, and in his account of the platform The record of the process I had done did not appear. He tried to contact the person he sent the money to, but had no response. It was about one swindle.
This is one of the methods that cybercriminals are currently using to deceive to people by spoofing websites for a variety of purposes, from money theft to access to credit card credentials and passwords.
We also recommend: Amazon admits its drivers must urinate in plastic bottles
“These tactics have one element in common and that is social engineering. They use something that the user wants to wake up their interest and they look for the best way to be able to convince the person and earn their confidence to carry out the action that the attacker wants to be carried out, ”says Roberto Martínez, Kaspersky cybersecurity analyst.
The practices of website spoofing to capture personal data has grown considerably in recent years. During 2020, he became the crime most reported in Colombia with more than 5,440 cases, according to data from the Colombian Chamber of Information Technology and Telecommunications.
This shows how the attackers have been refining their techniques to cheat people and make them believe that they are on a trustworthy page.
For this, they have made use of one of the elements that online buyers take into account to make a transaction and it is the official certificate that is given to a website and that is represented by the security padlock, which also indicates that a secure connection is being made.
“The padlock fulfills two functions. One is to give the certificate to the page, which is almost equivalent to a citizenship card and which is granted only by certifiers, They do the validation and indicate if the site is the one mentioned in the link. And the other is that the traffic between the servers is guaranteed to be encrypted and consequently not exposed to attackers ”, explains Martínez.
The strategy is that criminals create the domain from a web page, then they buy a certificate to ensure that the site is authentic. Accessing the certificate is easy, and there are certifiers that even allow you to get it for free.
Once this objective has been achieved, what the attacker does is add a series of characters and words on the left side of it, where they use the name of recognized online shopping platforms. So the URL It looks like the one on the official page.
“Every time you enter that domain, the padlock. What is on the right side of the link is already irrelevant. In the case of deception, the padlock does not validate if the page is from Mercado Libre, but rather that the site is certified with the domain that was initially created on the site. offender; They are known as attacks of opportunity, taking advantage of the fact that most people do not know what the structure of a URL is, so they do not know how to identify that it is not really the page of the ‘e-commerce’ where they want to be, ”explains Martínez.
For this reason, says Carlos Gómez, Sonicwall engineer for South America, an expert company in network security, the user must inspect other aspects of the padlock next to the link where it is located.
The first step is to click on the certificate, there a message will be displayed where the user can find in detail its information, such as the company that issued it, from what time periods it is valid and to whom it was issued. This is the key point, as this will allow you to identify the person by name from the original URL.
“It is important to check that the link is written correctly, that it does not have different characters or that some letters are changed by numbers, since this is the way in which the attacker tries to deceive and make the domain look like the original page ”, says Gómez. With this technique, cybercriminals mainly seek to keep the personal data of the navigator, to impersonate or commit fraud and financial theft in which purchases or transactions are made.
The recommendations given by Mercado Libre
The ‘e-commerce’ platform ensures that they have already identified different cases under this modality, so they recommend taking four aspects into account.
- Do not make transactions outside the platform, even when better prices are promised.
- Review in detail the URL of the page.
- Check the seller’s reputationsuch as your transaction history and the experience you provide.
- See the opinions of previous buyersIf there are more negative than positive comments, please give up the purchase.
In Twitter: @ TECNÓSFERAET
Also find in Technology
Is it better to have the laptop plugged in all the time or use the battery?
WhatsApp Plus: what is it and what are the risks when downloading it
Google revealed secret to save battery of mobile devices