Your browser is obsolete!

The page may not load correctly.

  • add to favourites
    Add to Bookmarks

Preying on fear

Read: 3204 Comments: 1 Rating: 43

Wednesday, September 14, 2016

From time to time, we reiterate the fact that most modern malicious programs are Trojans that can't replicate themselves, and, therefore, criminals must keep inventing new ways to make users spread Trojans and infect their devices and the devices of their friends.

To attract their victims' attention, criminals take advantage of breaking news and social engineering tricks designed to panic users so that they act without thinking.

Many people have heard about swindlers sending SMS messages requesting money transfers to help cover the costs associated with an arrest, accident, or other emergency. "Mom, please send me $XX; I'll explain later". But people don't expect Internet fraudsters to use the same MO.

Imagine that while surfing the web, you (or your friend) come across a message informing you that you’ve got an urgent problem requiring immediate action.

Tonight I got a message from an old friend of mine who appeared to be in a panic and claimed that she was being fined even though she didn't do anything illegal. I did my best to calm her down and eventually found out what actually happened.

While surfing the web, she was abruptly redirected to a webpage where she was notified that she had violated some law and had to pay a fine.


Criminals craft webpages to make them look like legitimate government-run sites, and they use these pages to demand fines from users—for a traffic violation, for example. The availability of information about vehicle owners on the Internet only adds to the credibility of their claims. In Russia, the Telegram bot AntiParkon was used to determine the names and phone numbers of vehicle owners.

The Anti-virus Times recommends

  • To learn why people under stress lose their ability to reason calmly, please refer to the issue Struck with fear.
  • Whatever may be said about government agencies being able or not being able to spy on users, they send fine notifications by post. Therefore, fine notification pop-ups on a website you never intended to visit are no reason to panic.
  • Swindlers can alter a URL in the address bar of your browser.

The company MajorSecurity published information about a vulnerability in Safari Mobile for iOS 5.1. This vulnerability can be used to alter a URL in the address bar.

The flaw is caused by an error in handling URLs if the JavaScript routine is involved. An exploit can be used to display a desired URL in an address bar to mislead a user.

This vulnerability can be exploited in phishing attacks. For example, a user can be directed to a phishing site that mimics a legitimate online banking site (or Gmail, Facebook, etc.). The legitimate site’s page can be concealed in an iframe, and the user will see the original, authentic URL in the address bar.

Usually, vulnerabilities of this kind are closed promptly. Install the latest security updates to make sure that the information displayed by your browser hasn't been altered.

  • If you want to make sure that a site is indeed controlled by fraudsters, use the Whois service for verification. Enter the address of the site you are concerned about in the appropriate field and you will learn to whom it is registered.


Nothing is impossible in life, but:

  • It is very unlikely that a government website is registered to an individual.
    • A government security organisation’s website is very unlikely to be registered in a different country.

We can only fight evil if we do it together!


Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.