Beware the Fake Megaupload Sites

The people behind Megaupload might be working hard to get the site back up, but so are scammers.

Sites were popping up on Friday claiming to be the reincarnation of Megaupload, the popular website taken down by U.S. federal authorities on Thursday. But most of the imitators so far look like phishing sites, said Don Bowman, CTO for Sandvine, an Internet traffic equipment vendor.

One site has only an IP address for its locator, rather than a website name people can remember, but claims to be the location for the new Megaupload. “We are working to be back full again,” the site says.

It’s unlikely, however, that a site as popular as Megaupload would use only an IP address. For one thing, everyone visiting the site would be hitting the same server. Before it was shut down, Megaupload accounted for nearly 1 percent of traffic in North America, putting it in league with Facebook, Bowman said.

Spelling errors, such as one that warns people to beware of “pishers,” are another sign that a page is likely to be fake, Bowman said. One way to test a site is to use a fake password when logging in, he said. If the site accepts the wrong password, it means phishers are running it in hopes of capturing real user names and passwords.

A lawyer for Megaupload told Reuters Friday that the company hopes to get the site back online. Megaupload’s servers were likely distributed around the world. Depending on the site’s backup policies, if one or two jurisdictions didn’t participate in the raid, the site could come back online soon, Bowman said.

But reviving the site also depends on who is available and willing to take the risk involved, Bowman noted. “It depends on whether they’re more interested in maintaining that revenue or remaining at large,” he said. Authorities on Thursday said they’d arrested four people affiliated with the site, which they say illegally distributes copyrighted content, and had warrants out on three more people.

One of the people behind Megaupload could try to sell the site and content to “some other nefarious character that might buy the assets and keep it running,” Bowman said. “That’s what happened with the Pirate Bay.”

Some people are eager to see the site come back, not to illegally access copyrighted content but for legitimate reasons.

Kyle Goodwin runs OhioSportsNet, a site that plays video he records of high school sports games in Cleveland. His videographers film games and upload them to MegaUpload as an easy way to transfer the video to Goodwin, who edits and posts them on his website. He was storing video on MegaUpload as well as on an external hard drive, but last week his hard drive died.

“The thing that really makes me mad is that I didn’t see any type of warning, otherwise I would’ve hustled to download what was there,” he said. “As of now, my videos are totally gone.”

Legitimate users like Goodwin aren’t the only ones who lost out. “Somebody out there is out probably tens of millions a year in hosting and bandwidth fees,” said Bowman.

As the minutes tick by, the chances of Megaupload regaining its former position diminish, according to Bowman. “Either they get it back online shortly or everyone forgets about it and moves on,” he said.

Nancy Gohring covers mobile phones and cloud computing for The IDG News Service. Follow Nancy on Twitter at @idgnancy. Nancy’s e-mail address is Nancy_Gohring@idg.com