Rogue Websites

Cybercrime is a billion dollar business and those involved will practically do anything to lure new victims into their web of deceit, including exploit legitimate business practices. Cybercriminals set up fake or rogue websites to promote purchase of rogue antivirus or optimization tools or carry out drive by strategies, an automatic download of malware triggered with just a visit or landing. 

So how can you determine if a website is rogue? Below are some telltale signs.

1. The website is skeletal, meaning it lacks basic information or layout.

If you come across enough websites, you’ll notice a pattern. Websites are usually meant to be a wealth of information, and at a minimum, the home or opening page yields basic info such as logo and purpose or mission; toolbar or menu of services; search or help features; both a footer and header that at a minimum, gives the address of the organization and contact information, etc. Websites that lack detail should raise suspicion. 

2. Poorly built.

Viable businesses take pride in their websites, understanding it is the mouthpiece or face of who they are and what they do. Cybercriminals want to spend less to gain more, meaning they do not waste dollars on site development or unnecessary bells and whistles. At a glance, a visitor may notice misspellings or broken images and other technical flaws. 

3. Hijacks your web browser.

Any website that holds you hostage, in other words, keeps you from exiting, is suspicious at best. Whether your homepage has been altered and replaced with the deceptive (or malicious) website, or you mistakenly landed on the URL and are having difficulty leaving, you need to recognize you have a problem and should vehemently wrestle free. 

4. Promote purchase of a rogue security program.

If shopping for Internet security tools and programs, do your diligent homework to ensure you do not land on a deceptive website promoting a rogue or fake security tool. Furthermore, if you are forcibly routed to a website that promotes purchase of a security tool, you should know that it is indeed rogue. Legitimate Internet security vendors do not force you to buy their products and are reputable because of proven services.

5. Serves up enormous and annoying amount of pop-up advertisements.

If all a sudden you are hit with an enormous amount of pop-up advertisements, it is probable you landed on an explosive malicious website. Legitimate websites adhere to practices that forbid loading too many pop-up windows or flashy ads all over the user’s screen. Legitimate businesses do not care to irritate or run off potential clients or consumers. 

6. Offers to perform system check for free.

Random websites do not have the ability to investigate or fix problems on random computers! If the rogue website runs an automatic scan (without your permission), you need exit immediately and as a safety precaution, do a reputable scan using a trusted source to ensure malware was not secretly downloaded.

Other signs your system was injected with poisonous programs or tools after you visited a rogue website are:

• You are suddenly assaulted with scary but fake alerts that precede presentation of a rogue security program.
• Homepage is changed without your permission.
• Toolbars or other browser helpers are installed without your permission.
• Keyboard or mouse freezing up.
• System suddenly runs slow.
• Drivers suddenly fail and require reinstallation.
• Web pages slow to load or render weird system errors.
• Screen appears accusing you of criminal online behavior, i.e. piracy, watching child pornography, copyright infringement, etc. This kind of presentation is known as ransomware and resembles a kidnapping, only the victim is your data and system resources.
• Strange audio.

If you experience weird system behaviors, you need to do the following to protect your data and system.

1. Do a clean sweep using a trusted and stealth antimalware solution just to be certain malware wasn’t secretly downloaded, installed and hidden in the root of your system.
2. Follow safe online practices:
   • Use a strong password that is hard to crack.
   • Be slow to click on links until you can verify the source.
   • Do not open attachments until you can verify the source.
   • Be leery of malicious websites and do not override warnings that a website is unsafe.
   • Do not pirate!
   • Be leery of freeware downloads. Make sure to read the EULA in its entirety and reject downloads that hint of suspicious behaviors.
   • Update and patch vulnerable software.
   • Keep an antimalware application running and updated at all times.