Malware Feeds and Cyber Threat Intelligence
Prevent customers and employees from falling victim to online attacks
Netcraft launched its phishing feed in 2005, the first of its malicious site and threat intelligence feeds. Combining sophisticated phishing attack discovery and classification methods with reporting from Netcraft’s global anti-cybercrime community, Netcraft’s phishing site feed quickly became an industry standard source for anti-phishing.
Throughout its campaign against phishing attacks, Netcraft has recognised and responded to fraudsters' ever-adapting techniques, and now provides protection against a wide range of malicious online content including fake shops and malicious JavaScript. More than 173 million of these threats have been blocked to date [February 2023].
Along with URLs reported by the community, Netcraft collates and validates reports from many of the world’s largest banks, threat intelligence providers, and anti-cybercrime organisations. Netcraft also recovers URLs from ongoing analysis of malicious email attachments, many of which serve as key infrastructure in malware operations.
The malicious site and threat intelligence feeds are provided by classifying millions of URLs each day according to the various attack types. This stream of malicious sites is available as a collection of continuously updated feeds, suitable for security engineers, network administrators, and internet service providers.
Netcraft’s feeds can be used to prevent customers and employees from falling victim to phishing, malware attacks and fake shops. They also present an excellent opportunity for businesses to win new customers and reassure existing ones by taking a proactive stance against fraud.
Phishing
Phishing sites are designed to trick visitors into submitting private information by posing as a trusted or legitimate entity. Netcraft’s phishing site feed is used by all major web browsers to protect their users, and is also licensed by many of the leading anti-virus, content filtering, web-hosting and domain registration companies.
Fake Shops
Fake shops claim to offer highly discounted luxury goods, typically for premium clothing, shoe or electronics brands. However, in reality they are simply a front to capture users’ payment information: after the victim completes the checkout process, they will be delivered counterfeit products, or possibly even no products at all. Netcraft blocks over 2,000 fake shops every day.
Fake Pharmacies
Fake pharmacies claim to sell pharmaceuticals but have none of the licensing required by the jurisdictions in which they offer products. While many fake pharmacy sites will actually deliver to victims, the drugs delivered are likely to be incorrect, substandard, or counterfeit.
Web-inject Malware
Netcraft detects compromised web pages where malicious JavaScript has been added to exploit vulnerabilities on visitors' machines. Suspected sites are visited within a sandboxed web browser, allowing all the resources of the page to be fetched and executed.
Shopping Site Skimmers
Fraudsters use vulnerabilities in popular e-commerce platforms (e.g. Magento) and their plugins to deploy malicious JavaScript onto legitimate online shopping sites. These JavaScript ‘skimmers’ are added to checkout pages, and capture payment card details and other personal information.
Technical Support Scams
Fraudsters make use of scam websites purporting to be legitimate technical support sites to trick visitors into actions such as installing malware, making financial transfers, using premium rate services or allowing remote access to their machines.
Health Product Scams
Health product scams attempt to lure victims into purchasing fake health products such as weight loss pills, or fake oils. These sites often claim the products are endorsed or used by celebrities, and typically use fake seals to appear more legitimate.
Investment Scams
Investment scams encourage victims to transfer funds to the fraudster on the promise of large returns, often impersonating well-known public figures (such as Sir Richard Branson) to promote the scheme. These scams are among the highest volume attacks seen by Netcraft.
Survey Scams
Survey scams mislead victims into thinking they are being marketed to by a well-known company or brand and will receive a high-value reward or prize by answering a few simple questions. After answering these questions, the victim is told they’ve won, and then redirected to another scam or a third-party affiliate link under the guise of redeeming their prize. They may subsequently be tricked into giving away personal information or installing malicious software.
Web Shells
Web shells are backdoor control panels that allow total control over a compromised web server, letting fraudsters easily steal data from the server, launch phishing attacks, join the server to a botnet, engage in DDoS attacks, and distribute malware, to name a few. The web shell feed provides a list of web shells and the associated compromised sites.
Malware Infrastructure URLs
Netcraft processes millions of spam emails every day, and any malware attachments are analysed to identify key infrastructure URLs. Running the malware in a sandbox environment reveals the URLs that it attempts to connect to, including those that transmit operational instructions for the malware, download further stages of the attack, or receive payment for malware such as ransomware.
Malicious email addresses
Netcraft can also provide a feed of email addresses participating in advance fee fraud schemes, found in the millions of spam emails that it analyses. This feed also contains any addresses intended to receive credentials captured by the phishing attacks that Netcraft identifies.
Non-consensual cryptocurrency miners
Also called ‘cryptojacking’, this JavaScript malware hijacks the user’s browser and silently mines cryptocurrency when infected sites are visited. This mining code can cause significant drops in websites' performance and responsiveness.
Feed Details
The malicious site and threat intelligence feeds make up a constantly updated database of patterns that match the URLs and email addresses recorded by Netcraft.
The feeds are available as either an encrypted database, with which specific identifiers can be looked up to determine whether they’re blocked; or a plain text database (in TSV or JSONL format), letting you view the full contents of the feed, and offering extra information about the threats such as attack targets and IP addresses.
The feeds employ a versioning system to ensure that customers who have fallen behind can catch up incrementally, or if necessary, by requesting the full feed.
We also regularly re-test malicious URLs so that they can be removed from the feed once the malicious content has been taken down. This ensures that end users of the feeds are not prevented from accessing any legitimate content on a previously compromised site for longer than is necessary.
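The versioning and re-testing behaviour described above, as an added example that is not Netcraft's reference code: a client keeps a local block list from a full JSONL feed, applies incremental updates (including removals of taken-down content), and falls back to the full feed when its version has fallen too far behind. The record shapes (a "header" line plus "entry" lines, deltas with from_version/to_version/added/removed) and the sample URLs are assumptions constructed for this example.

```python
import json
class FeedClient:
    """Local block list kept in step with a versioned feed (constructed example)."""
    def __init__(self):
        self.version = 0     # 0 = nothing loaded yet
        self.blocked = {}    # url -> attack type

    def load_snapshot(self, jsonl_text):
        """Replace local state with a full feed delivered as JSONL."""
        blocked, version = {}, 0
        for line in filter(None, jsonl_text.splitlines()):
            rec = json.loads(line)
            if rec["type"] == "header":
                version = rec["version"]
            elif rec["type"] == "entry":
                blocked[rec["url"]] = rec["attack"]
        self.blocked, self.version = blocked, version

    def apply_delta(self, delta):
        """Apply one incremental update; False means it does not chain onto our version."""
        if delta["from_version"] != self.version:
            return False
        for entry in delta["removed"]:    # content taken down: stop blocking it
            self.blocked.pop(entry["url"], None)
        for entry in delta["added"]:      # newly classified threats
            self.blocked[entry["url"]] = entry["attack"]
        self.version = delta["to_version"]
        return True

def catch_up(client, deltas, full_feed_jsonl):
    """Apply deltas in order; if the chain is broken, fall back to the full feed."""
    for delta in deltas:
        if not client.apply_delta(delta):
            client.load_snapshot(full_feed_jsonl)
            return "full"
    return "incremental"

def make_jsonl(version, entries):
    """Constructed full-feed JSONL: a header record, then one entry per line."""
    recs = [{"type": "header", "version": version}] + [{"type": "entry", **e} for e in entries]
    return "\n".join(json.dumps(r) for r in recs)
# Constructed sample data (not real feed content); .test domains are reserved.
SHOP = {"url": "http://shop.example.test/checkout", "attack": "fake_shop"}
LOGIN = {"url": "http://login.example.test/", "attack": "phishing"}
SKIM = {"url": "http://cdn.example.test/skim.js", "attack": "skimmer"}
SNAPSHOT_V3, SNAPSHOT_V5 = make_jsonl(3, [SHOP, LOGIN]), make_jsonl(5, [SHOP, SKIM])
DELTAS = [
    {"from_version": 3, "to_version": 4, "added": [SKIM], "removed": []},
    {"from_version": 4, "to_version": 5, "added": [], "removed": [LOGIN]},  # taken down
]
```

A client that loaded SNAPSHOT_V3 reaches version 5 incrementally and stops blocking the taken-down login page; a client with no state cannot chain onto the first delta and is rebuilt from SNAPSHOT_V5 instead.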
Reference code and technical documentation are provided to help integrate the feeds into your products and services, and support is available via email and telephone.