Don’t Be Spoofed!

Since coronavirus, we have all been traveling a lot less, but that doesn’t mean you can let your guard down when it comes to booking your travel. The Federal Bureau of Investigation (FBI) recently warned the public of a new travel scam: cybercriminals are creating fake websites that mimic US airport websites and using them to gather your personal and business information. “They do this to steal personal and business data,” stated Special Agent Conal Whetten, “and US airports are an attractive target for cyber actors because there is a rich environment of business and personal information.” Cybercriminals want your data because they can use it to steal your identity and money.

These malicious websites have domain names that are almost identical to the site they imitate, differing by only one or two characters. Some even use characters from other alphabets (such as Cyrillic) that look the same as the characters they replace, which makes the fake even harder to catch. They also use the company’s logo, font, color scheme, and writing style to impersonate the actual website and make customers feel like they are getting the real deal. “Cyber actors can capitalize on this sector by creating spoof domains and Wi-Fi networks, which can trick both passengers and airport operators into interacting with malicious websites or emails,” said Whetten.
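The two tricks described above (a one or two character difference, and look-alike Cyrillic letters) can be checked mechanically. The following is an added example, not part of the original article: it compares a domain against a personal allowlist, and the allowlist domains, the small homoglyph table and the sample inputs are all constructed for illustration.

```python
# Constructed allowlist: placeholders standing in for the sites you actually use.
KNOWN_GOOD = {"example-airport.com", "example-airline.com"}

# Small constructed subset of Cyrillic letters that render like Latin ones.
HOMOGLYPHS = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
              "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i"}

def normalize(domain):
    """Lowercase, drop the trailing dot, and decode punycode (xn--) labels."""
    domain = domain.strip().lower().rstrip(".")
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not valid IDNA: use as given

def fold(domain):
    """Replace known look-alike letters with their Latin counterparts."""
    return "".join(HOMOGLYPHS.get(ch, ch) for ch in domain)

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain, known=KNOWN_GOOD, max_edits=2):
    """Return 'known-good', a 'suspicious: ...' reason, or 'unknown'."""
    name = normalize(domain)
    if name in known:
        return "known-good"
    folded = fold(name)
    if folded in known:  # identical once look-alike letters are folded
        return "suspicious: homoglyph copy of " + folded
    for good in sorted(known):
        if edit_distance(folded, good) <= max_edits:
            return "suspicious: within %d edits of %s" % (max_edits, good)
    return "unknown"

if __name__ == "__main__":
    for d in ("example-airport.com", "ex\u0430mple-airport.com", "exampel-airport.com"):
        print(ascii(d), "->", classify(d))
```

A result of "unknown" only means the name does not resemble anything on the allowlist; it says nothing about whether the site is legitimate.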

Faking a webpage isn’t a new crime. In fact, according to Whetten, “Over 96 percent of companies suffer from domain spoofing attacks in one form or another.”   

So how do you guard your information against website spoofing? 

The first thing you can do is make sure the website you access has an SSL/TLS certificate. Websites without SSL/TLS are especially vulnerable to spoofing. Keep in mind that a certificate only shows that your connection to the domain in the address bar is encrypted; a lookalike domain can hold a valid certificate of its own, so check the domain name as well. Unfortunately, websites with SSL/TLS certificates are still susceptible to man-in-the-middle attacks. These attacks occur when DNS and the SSL/TLS connection are poisoned and the user is sent to a malicious site. An easy way to help prevent a man-in-the-middle attack is to make sure your software is up to date.

Another way to prevent website spoofing is to be cautious about pop-ups. Phishing scams will often direct you to a legitimate website, then use a pop-up to steal your account information. These pop-ups tend to encourage you to “act now,” and they frequently have spelling or grammar mistakes.

Stop and think before you share your username and password. If you aren’t sure whether a site is real, give a fake password to sign in. If you enter a fake password and are able to sign in, you’re probably on a phishing site. Do not enter any more information. Close your browser. You can contact the legitimate site and let them know their webpage is being spoofed. You can also contact the police to let them know about the spoofing so others can be informed.

Try a web browser with anti-phishing detection. Most web browsers have free add-ons that will help you detect phishing sites. For instance, Chrome has a few anti-phishing extensions including Netcraft, Phishdetector, and Cryptonite.

Check for poor grammar and spelling. This can often be a sign you are being spoofed. Messages that are urgent or panic-provoking can also be tell-tale signs that you’re being spoofed. If you think you have received a spoofed message, don’t open it or click on links or attachments. Message the sender using contact information you already have and verify whether the message is legitimate.

Don’t become a victim of website spoofing. Be informed about the risks and use caution when you are on the internet. Before you book your next flight, verify the website you are using is legitimate. An ounce of precaution will save you a ton of headache later on.