Search Engine Phishing: A More Contemporary Scamming Technique
Criminals are constantly looking to match their online schemes with steady advancements in information technology. One of these Internet scamming techniques is phishing, a method of convincing people to give away their confidential information via the use of false emails that makes the unsuspected individual think that the email is from some legitimate organization or financial institution. This method now considered an obsolete technique to defraud people online as savvy tech criminals are now coming up with new innovations.
In this article, we shed some light on a relatively new method of phishing put into practice by cybercriminals.
Search Engine Phishing
Search engine phishing is a relatively new weapon introduced by the phishers in the cyber world. It is one of the sophisticated types of an online heist where scammers don’t rely on email spoofing and pharming to lure people into their trap.
Mode of Operation
In search engine phishing, fraudsters lay a very intricate and intelligent trap for victims to hand over their confidential information. Let’s see how the operations of search engine phishing usually get carried out.
- Fraudsters create their own legitimate webpage instead of spoofing someone else’s email or web address.
- Usually, they use this ill-intended web address to set up an online shopping store with exceptional discount offers and lucrative deals.
- With the professional employment of SEO, they even get indexed by genuine search engines.
- Since malicious online shopping stores are indexed like any other web page on search pages, therefore they start to pop up in related search results.
Because these phishing web addresses appear as legitimate as any other web address on the search page, it is extremely difficult for anyone to tell the difference between them. It is a smart move from phishers where the authenticity of a search engine is inadvertently used to con people.
The whole point of these malicious sites derived by search engine phishing is to legitimately persuade people to hand over their personal information. Usually, it is employed by two different methods.
Asking online shoppers to register through their social security numbers, this detail can be used by scammers to carry out criminal activities in the name of victims.
They can steal the confidential banking information of any individual (pins, accounts numbers) in the cover of online payments. With search engine phishing websites masquerading as online shopping platforms, not only can you lose your valuable money but also your identity.
Tactics Involved in Search Engine Phishing
Apart from online shopping portals, scammers can employ certain other tactics as well in search engine phishing.
Probably the most prominent venue for thieves to try to contract unwilling participants is through email. It is cheap and easy to reach hundreds of thousands of people almost instantly. These scammers use automated programs to send out their scheming emails in the hope that they will get a response, even if it is a small percentage.
Their email messages can be a variety of scams. "I am stuck in Nigeria and need some money immediately." "I am starting a new business venture and I want you to be my partner." "My daughter is stuck in the Middle East and is in great danger. Can you help me?'. The nonsense goes on and one, but if they have one thing in common, they will usually start off with 'Good Day' or "Top of the Morning to You". In addition, their English is usually poor and there may be spelling errors as well. In addition, they will not address you by name because they don't know who you are. Here is a typical phishing message:
Hello my dear,
I sent this mail praying it will get to you in a good condition of health, since I myself are in a very critical health condition in which I sleep every night without knowing if I may be alive to see the next day. I am Mrs. Gloria Paul Eric, a widow and citizen of United State of America. I am suffering from a long time brain tumor, It has defiled all forms of medical treatment, and right now I have about a few months to leave, according to medical experts. The situation has gotten complicated recently with my inability to hear proper am communicating with you with the help of the chief nurse herein the hospital, from all indication my conditions is really deteriorating and it is quite obvious that, according to my doctors they have advised me that I may not live too long, this is because this illness has gotten to a very bad stage. I hoped that you will not expose or betray this trust and confidence that I am about to repose on you for the mutual benefit of the orphans and the less privileges ones.
I have some funds I inherited from my late husband, the sum of ($ 11,000,000.00, Eleven Million Dollars). Having known my condition, I decided to donate this fund to you believing that you will utilize it the way i am going to instruct herein. I need you to assist me and reclaim this money and use it for Charity works, for orphanages and gives justice and help to the poor, needy and widows says The Lord." Jeremiah 22:15-16.“ and also build schools for less privilege that will be named after my late husband if possible and to promote the word of God and the effort that the house of God is maintained. I do not want a situation where this money will be used in an ungodly manner. That's why I'm taking this decision. I'm not afraid of death, so I know where I'm going. I accept this decision because I do not have any child who will inherit this money after I die. Please I want your sincerely and urgent answer to know if you will be able to execute this project for the glory of God, and I will give you more information on how the fund will be transferred to your bank account. May the grace, peace, love and the truth in the Word of God be with you and all those that you love and care for.
I'm waiting for your immediate reply please don't endeavor to contact me at my private email (email@example.com).
May God Bless you,
Mrs. Gloria Paul Eric.
In this particular scam, this woman (and there is no doubt that is her real name, as well it might not even be from a woman), is preying on your religious beliefs to entice you to contact her. In additon, the email is filled with run on sentences and spelling errors, but the most important aspect here is - why would this stranger be contacting you? Please keep these factors in mind if or when you receive something like this and if you do, delete it immediately.
Search engine phishers can also set up an online job portal in order to get personal information of individuals. A fraudulent job portal can ask for applicants to punch in their social security numbers and other confidential details which can be exploited later on. Keep in mind that legitimate employment opportunity platforms don’t require the details of social security and banking details until the final stages of hiring.
Fake Financial Offers and Services
Scammers can use a fake façade of a made-up financial institution to offer people with interest rates at considerably lower rates or other interesting offers such as free credit cards. Be cautious of such online financial institutes because their sole reason of existence is to steal the confidential financial information of individuals in order to skim money from their accounts.
Some search engines phishers complement their web address with another landing page on which emergency signs pop up and insistently ask users to download their products giving the reason that the system has been attacked by a malware or the antivirus subscription has been expired. These malicious software patches can be used to retrieve the information you are using on your system and the web.
You can easily avoid search engine phishing by using common sense and general vigilance. Don’t give away your financial details on online websites rendering “too good to be true” offers. Cross check the price of items to make sure that you are dealing with a legitimate business.
Like any other phishing technique, search engine phishing also inflicts more damage to the people who show recklessness and eagerness when dealing in the online world.
Posted On December 16, 2017