Users Hoped for Security, Ended Up with Malware
Cyber criminals have found an effective way to distribute malicious software, and users are none the wiser. By copying the popular VPN (virtual private network) website for NordVPN, users believe they are using something that is meant to boost their security. Instead, they are downloading a bank trojan.
Now, one may think they cannot be dupped by a fictitious website but these hackers are good. Not only did they replicate the site entirely, but they also added a valid SSL certificate, which helps the fake website appear more legitimate while also allowing it to bypass browser security checks.
Tricky? Yes, yes indeed.
What is a VPN?
As mentioned earlier, a VPN is a virtual private network. However, that still doesn’t exactly state what it does. Take a firewall, for example, that helps to protect your data on your computer. A VPN does the same but does so online. By utilizing a VPN, users are able to securely access a private network and share data on public networks.
Don’t Fall Victim
The best way to avoid these scams is two-fold. First, when you visit a website, type the URL into the address bar instead of searching for the URL on a search engine. Often times, even if they are malicious, websites will show up in the search results. For instance, if you wanted to go to espn.com, type in www.espn.com in the browser’s address bar. Do not go to google.com and search ESPN. Granted you’ll likely go to the correct place, but you also may end up on a spoofed site. So, searcher beware.
Also, deploy a security solution that uses an application whitelist. By running a whitelist, only known trusted programs are permitted to execute. Therefore, if you find yourself somewhere you shouldn’t be — the malware still cannot run, because it has not been tested and proven secure.