TOP STORY
Telltale Signs of Malicious Intent
In order to infect your computer or phone with malware, cybercriminals have to trick you into clicking a link that will take you to a website hosting malware. We have educated readers on several different ways to see through this type of fraud, such as recognizing domain names in links and how to look up the date they were registered using a WHOIS tool. For example, domains that are newly registered are very likely malicious.
Another way to recognize fraud is related to one particular well organized and long-standing cybercriminal gang. These are the criminals who use automated software to create directories by combining two random hyphenated words in a web server. Examples of these oddball word combinations have included:
yourself-articulating
goodly-print
churchwoman-represses
slumbered-spotted
screwdriver-argot
questionnaire-poole
superseding-striven
backspaced-conversation
If you can learn to mouse-over links in emails, WITHOUT CLICKING THEM, and see the link revealed at the bottom of your web browser, look for the appearance of these oddball word combinations. If you see them you’ll know that the email is 100% malicious! Delete it! Here is an example. Find Waldo, we mean… find the 2 hyphenated words in the link in this first screenshot. The second screenshot will show it to you, along with the domain name the email came from.


By the way, the domain used to send this email, remeaa[.]work, was registered on the day the email was sent and is being hosted on a server in Amsterdam. The Zulu URL Risk Analyzer identified it as malicious. Sound like Mastercard.com to you?




This “Path to Being a Homeowner” came from a domain that was registered the day before the email was sent and was found to be malicious. Next time you see two oddball hyphenated words in a link, DEEELEEEETE it!


Daily Scam Home Page
|