Q. My sister-in-law Janet is always on Facebook. She loves seeing what her children and grandchildren are up to, catching up with old friends, and playing Scrabble. She is a quick typist, and one day, in her haste, she recalls accidently typing “www.Facebookc.om.” Before she could correct it, she was redirected to a series of pop-up ads and, eventually, to a site that prompted her to download Adobe Flash Player update. She downloaded it, since it looked official and she thought she needed Flash to play a game. Instead, it led to her computer becoming infected with a virus and completely unusable. Needless to say, this caused a lot of problems for Janet. She had all her passwords stored on her computer, so she could no longer access them. She paid all her bills online and had alerts set up when they were due. She was completely lost without her computer and even feared that her identity might have been stolen.
So this doesn’t happen to anyone else, do you have any information/tips on how to prevent it, and which sites might be infected? Do you have any suggestions about better ways to store personal information, so it’s not lost forever should something like this happen? Also, do you know about other tech scams affecting seniors, so we can be aware? Thanks for your help!
A. Recently, AARP reported that cybercrooks are using .om websites to spread computer malware, remotely access PCs and Macs, and steal log-in credentials. Malicious criminals for years have been buying domain names with a missing or misplaced letter in website addresses belonging to well-known companies, and they simply wait for you to make a typo.
The research company Endgame discovered this issue (called “typosquatting”) when a researcher made an innocent but potentially damaging mistake. He mistyped the domain “www.netflix.com” as “netflix.om” in his browser, accidentally dropping the “c” in “.com.” He did not get the error message that the website doesn’t exist, as he would have expected. Instead, similar to your sister-in-law’s experience, he landed on a “Flash Updater” page with scareware pop-ups. Luckily, the researcher recognized danger and retreated swiftly, avoiding harm.
Research Results
The instance with Netflix prompted Endgame to conduct research on .om websites. They began by attempting to determine how many .om domains are associated with popular sites, who is registering these domains, and what is hosted at those sites. To do this, they went through the 5,000 most popular domains globally. They discovered 334 domains that meet the criteria and are currently pointing to active sites and contacted the legitimate company associated to make them aware. At this point in time, of the 319 malicious .om domains, 292 have been deleted or had their DNS records removed. The original, complete list of domains that appeared suspect can be found here. The updated list of domains that still remain active can be found here.
Below is information from Endgame about these malicious sites:
- The biggest threat results in the most common typos include either a misplaced or missing “c” (such as typing amazonc.om or amazon.om) so a web address ends with “.om” instead of “.com.”
- Most of the .om-ending sites operate the same way: They don’t directly install malware but, instead, lead to other infected pages.
- Actors behind this typosquatting attack have been quite successful. There are at least thousands of queries per day to the malicious .om domains from different computers across the world.
- Typosquatted domains typically lead the user’s browser to a few different web pages in a very short period of time, and ultimately have content that may not even be relevant to the website accessed in the first place.
- The destination web page will almost always include advertisements, surveys to complete for free electronics, or scareware tactics to entice users to download and execute an anti-virus suite that leads to further headaches and intrusive advertising.
- The goal of these pages is to generate as much advertising revenue as possible for the bad actors while trying to keep naïve users engaged and/or scared in order to keep them clicking more links and prolonging their sessions.
Endgame suggests that users carefully read what they type before hitting “enter” to access a website, especially if you’re a fast or fat-fingered typist. That’s also a good practice to follow before clicking on links that appear in search engine results or online advertisements; they, too, may have typos that spell trouble.
A More Efficient Way to Store Passwords
An easier way is to store all of your digital user names and passwords is in a secure password safe, such as KeePass. This is what I’ve used for years. It’s a completely free program and very easy to use. I store my KeePass database in Dropbox (which also has a free version), and I have Dropbox and KeePass (called Minikeepass for my iPhone) on all of my computers – both work and home – so that if one computer gets a virus (or just dies as they sometimes do), I still have access to my password safe on all of my other electronic devices. I have hundreds of different passwords saved in KeePass, so this program has been a huge blessing to me over the years and has provided incredible peace of mind. Other programs like this live in the “cloud,” such as 1Password or LastPass (which was itself hacked back in June of last year – not too comforting). Another less technological way is by writing down your passwords and putting them in an envelope in your home safe or deposit box. But this isn’t very convenient when you have lots of different passwords and need to log in.
Tech Support Scam
You asked about other tech scams, and this particularly dangerous one caught my eye. According to Microsoft, last year an estimated 3.3 million people — many of them seniors — were victimized by a tech-support scam at a total cost of $1.5 billion. That’s one American duped out of an average $454 nearly every 10 seconds.
Here’s how the scam typically unfolds:
- You get an unsolicited call from someone claiming to be with Microsoft or Windows tech support, who says viruses have been detected on your computer.
- In order to protect your data, you are told to immediately call up a certain website and follow its instructions.
- A dummy screen may appear that shows viruses being detected and eliminated, but in reality malware is being installed that allows the scammer to steal your usernames and passwords, hold your data for ransom, or even use the webcam to spy on you.
According to Microsoft, you should hang up the phone. “Neither Microsoft nor our partners make unsolicited phone calls,” says Courtney Gregoire, senior attorney at the Microsoft Digital Crimes Unit. Also, never click any links in unsolicited emails or in suspicious pop-up ads promising to speed up your computer or give you some kind of software for a free trial.
For more technical scams and other scams affecting seniors, visit the AARP Fraud Watch Network at www.aarp.org/fraudwatchnetwork. For local scams, please visit http://www.fredericksburgva.gov/ (in Fredericksburg) or http://www.montgomerycountymd.gov/ (in Rockville), and type in “scam”. If you are the victim of a scam, contact the police and file a complaint with the Federal Trade Commission and your state attorney general’s office.
Keeping up with scams that are affecting seniors is important. It is also very important to keep up with your Incapacity Planning, Estate Planning, and Long-Term Care Planning. Don’t forget, we always offer a no-cost introductory consultation:
Fairfax Elder Law: 703-691-1888
Fredericksburg Elder Law: 540-479-1435
Rockville Elder Law: 301-519-8041
DC Elder Law: 202-587-2797