2016 saw the highest amount of reported fake news stories on record. The issue of fake stories hit the political scene lately when the WA Liberal Party urged supporters to report “untrue” social media posts by the Labor opposition.
“If you see a fake or misleading post produced by Mark McGowan or WA Labor, follow these steps to help remove it from Facebook,” the website says. Facebook is under pressure to announce measures to combat the issue after a series of fake news stories was disseminated via social media platforms during the US election. Not only is fake news bad news for society but it is often the manner in which fake news is delivered to the public.
Always eager to capitalise on human inattention, cyber criminals have embraced methods of registering a commonly misspelled Web address to use as a base for the distribution of malware or to steal information from unsuspecting users. “They create a site that looks essentially like the real one, at least on the surface. It’s fairly straightforward to do and then you’re simply relying on human nature to not notice,” says Steve Grobman, chief technology officer at Intel Security.
Sometimes called URL hijacking, multiple media sites have been hit with the ploy, including www.abc.net.au (www.abc.com.au) and www.theaustralian.com.au (www.theaustraliian.com.au)
The technique can make made-up stories seem more legitimate and give them a brief but powerful ride in legitimate news sites until they’re debunked. Such articles played a role in this year’s presidential election, though how much they influenced the outcome is unknown.
Fraudsters use counterfeit sites as phishing farms, trying to entice those who visit them to fill out personal information that can be used to steal credentials and other potentially saleable information. Companies can’t always protect themselves against this type of fraud because they can’t register every conceivable variant on their names. “It’s too expensive and inefficient.
Another common ploy is for criminals to place banners or ads that link to slightly off URLs. For example if you see an Ad from Bunnings at the bottom of the page, upon clicking on the Ad it will take you to www.bunnnings.com.au (with an extra ‘n’), and by the time the website has loaded and you’ve noticed that it isn’t the real deal, the website and its cyber criminal owners may have already swiped your personal data including browser usernames and passwords.
Many security software programs are fairly effective against blocking such typo-ridden URLs if they go to a known malware-infected site, but some can slip through. But as with most things online, the key is awareness and taking an extra moment to stay safe. That includes glancing at a URL before accepting it as valid or perhaps opening a new browser window and actually typing in a desired destination, rather than simply clicking on a link on a site that seems dubious. We do all we can from our end here at IntelliTeK but we totally understand that human error will occur under these circumstances and we are ready and waiting to act upon any undesirable outcomes which may occur. When it comes to login breaches, we recommend that you change passwords at regular intervals and also that the password in use is difficult to guess.