Beware: Hackers exploit brand names

[Wizzo]

Security firm Finjan is warning companies to be aware that hackers are exploiting their brand names in order to perpetuate malware attacks on unsuspecting members of the public.

While phishing and other scams can often be spotted by checking the URL or address of a web page, hackers are buying domain names that look like they belong to legitimate companies but contain minor spelling errors.

This means that if you don't see the deliberate mis-spelling, you could end up on a specially-crafted web page designed to infect your PC with malware.

Finjan said that keeping track of these rogue domain names was an uphill battle, and suggested that a better way was needed to stop these attacks.

"In today's dynamic web environment, it is becoming increasingly difficult to keep track of the malicious content by maintaining lists of malicious domain names or URLs," said Finjan's Yuval Ben-Itzhak.

"Attempts to pattern malicious code and create signatures, or to categorise known malicious sites, are sometimes too little, too late when it comes to providing adequate protection to today's dynamic and evasive web threats," he continued.

[cosworth151]

I know what you mean, Wizzo. I've been getting e-mails that say they are from Bank of America and PayPal, with a subject line that says they are about my account. I've never had an account with either, so I just report them as phishing scams.

The My Space pages of several pop stars have been hacked. In these cases, it is the stars' legit sites that do the damage. (Unknown to the celb in question, of course) They ask you to download a player to view videos. Clicking on the download bar loads the malware into the fan's pc.