Home » Data Protection » Malware/Cybercrime

News

Report: Thieves Target Online Travel Sites

Research from security vendor MarkMonitor shows digital outlaws hijacking the brands of online travel companies and airplane parts manufacturers.

By Bill Brenner, Senior Editor

June 09, 2008 —

Online travel sites and airplane parts manufacturers are among the biggest victims of cybersquatting, false association, pay-per-click abuse and domain kiting, according to a new report from security vendor MarkMonitor.

The vendor points to the increased risk in those business sectors in its newly released Brandjacking Index for the spring. The findings reflect a trend observed by other security experts who have found, among other things, that the bad guys are using search-engine optimization (SEO) tricks to get their bogus sites higher in the search rankings.

Trends noted in the report included:

The rise of online auctions for fraudulent travel vouchers. The average discount for the more than 150 listings analyzed was 80 percent under face value. With the recent airline industry bankruptcies, increased cases of online fraud related to refunds, credits and vouchers are likely.

The growing success of search engine optimization tactics. Through higher search rankings, scammers divert Internet users searching for legitimate travel brands to illicit sites with questionable content, including pornography.

Blended abuses targeting travel brands. Attackers have combined multiple techniques such as spam, pay-per-click fraud and malware to put shoppers' computers as risk for viruses and spyware.

Meanwhile, the vendor found that cybersquatting is the most pervasive form of brandjacking, growing by 40 percent in the first quarter of 2008, while pay-per-click fraud actually declined by 42 percent. Phishers also appear to be targeting fewer new organizations, focusing 90 percent of the phishing activity on a small number of brands.

Dancho Danchev, an independent security researcher and consultant based in the Netherlands, said the MarkMonitor research reflects much of what he has been monitoring in recent months.

"What I've been witnessing is an automated approach that comes up with relevant brand impersonating domains such as anti-virus-2008.com, registering these and uploading the fake security software," Danchev said, adding that scams are getting more sophisticated due to the localization crooks are starting to apply even in the domain names themselves - registering the domains in a native language to attract local traffic, for example.

Where the money is
During a recent visit to the offices of CSOonline to promote the latest Brandjacking Index, MarkMonitor Chief Marketing Officer Fred Felman said he's not surprised by the explosion of online travel scams designed to lure shoppers from legitimate e-commerce sites. But he was taken aback by the number of bogus sites selling questionable aircraft parts on business-to-business exchanges and consumer auction sites.

"The criminal is always thinking about where the money is, so it makes sense they would go after travel sites," he said. "We all travel and are frustrated by the high cost of airline tickets and hotel rooms, so we're constantly looking for bargains."