Slashdot Mirror
Cybercriminals Create 57,000 Fake Sites Each Week
wiredmikey writes "In a recent investigation, it was discovered that cybercriminals are creating 57,000 new 'fake' websites each week looking to imitate and exploit approximately 375 high-profile brands. eBay and Western Union were the most targeted brands, making up 44 percent of exploited brands discovered. Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals. Banks comprise the majority of fake websites by far with 65 percent of the total. Online stores and auction sites came in at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today."
Oh, I am completely sure that this isn't profitable, because registrars and ICANN would crack down on it immediately, and credit card companies would quickly reverse fraudulent puchases made on these websites, and then pass on the fraudsters' information to law enforcement, allowing them to swiftly shut down these operations.
*jerk-off gesture*
Information theory is life. The rest is just the KL divergence.
I know that DNS vulnerabilities are being addressed finally. Wouldn't a good next step be to eliminate domain registrars that allow these sorts of sites to get created in the first place?
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
"articles" of this nature. When a company hocking a security product releases earth-shattering statistics for hackers and malware it is not research, or an investigation with any independent credibility. This is marketing fearmongering designed to get people to buy the product.
Good people go to bed earlier.
The registrars could do their part to shut down the bogus websites faster - by invalidating the WHOIS records - but they don't. Of course, we all know why they don't; it's because they make money by chosing to not do that. Of course if you read into the existing WHOIS records for the bogus websites you'll find that quite a few of them already have bogus WHOIS data; often the only part that means anything is the DNS referral, which shows quickly whose side the registrars are on.
If our good friends at ICANN actually gave half a shit about the problem they would crack down on complacent registrars, but that isn't very profitable for them, either.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Wouldn't a good next step be to eliminate domain registrars that allow these sorts of sites to get created in the first place?
I agree whole-heartedly that something should be done about the crooked and complacent registrars. The problem is, who should take the action? The most logical step is ICANN, since they handle registrar accreditation, except they have shown repeatedly that they will not take any meaningful steps. And of course, ICANN only does accreditation for registrars of the largest TLDs (for now), so anything from another country's list of TLDs is beyond their jurisdiction (and soon pretty much everything will be beyond their jurisdiction).
So if ICANN won't do it, who then should? It is pretty well impossible to take legal action against the registrars and expect anything meaningful to come of that, so unless you want to advocate vigilante justice you're just SOL.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
"Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals." Please, please, for the love of god, grammar check your submissions. I am a proud grammar nazi because it really hurts my brain when I have to read a summary that contains a sentence that is missing a verb. How does this even get posted like this? Something is wrong here.