Time
1 hour 44 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
hi and welcome to our next lesson were in less than one that five of the end user cyber fundamental course.
00:10
This lesson will be focused on websites spoofing also refer to as you are all hijacking.
00:20
In this lesson, you will learn what a spoofed website is. Dangers of spoofed websites had a spot, a spoofed website and how you can protect yourself.
00:33
What was spoofed websites and what are the dangers?
00:37
Here is a picture of a spoofed website that looks exactly like the rial Amazon website.
00:43
You will also notice the type of squatters who are ill
00:47
in our previous less and we discuss Typo squatting
00:51
commonly type of squatters also creates both websites so that when you miss type a web address, you ends up on a website that looks exactly like the website you intended to visit.
01:03
You may not notice and continue to log in, and now the hacker has your user name and password.
01:11
Since most users reuse the same user name and password across numerous websites,
01:17
the hackle try the same credentials on numerous websites and can potentially compromise your email,
01:25
your bank account or your medical records.
01:29
The spoofed websites are designed to purposely look like an existing website
01:34
such as Amazon or a banking website.
01:37
They will have all the right colors, logos, texts, website information, etcetera.
01:44
Their goal is to look authentic as possible.
01:47
They are really efficient sites and the purpose is to trick users into answering sensitive information such as credentials, financial information or other sensitive information.
02:00
The user will think they are logging into the legitimate website, but really all their information is going to the hackers machine.
02:08
You may come across spoofed websites by receiving what looks like a legitimate email,
02:14
but is really a phishing email with the web link in it and when you click it, you ends up on the spoofs website.
02:22
You can also stumble across one while browsing or on social media,
02:27
even through a text message with a link in it.
02:30
This is called smashing,
02:35
so how can you spot a spoofed website?
02:38
Pay close attention to the website. Although the hackers tried really hard to copy the website, the colors may be off a bit.
02:47
Maybe they're a different shade of blue.
02:51
There may be misspellings or the contact information. They be different. So just look for consistencies and always verify the URL.
03:02
What are the dangers of a spoofed website?
03:06
Spoof websites are designed to look exactly like the website you intended to visit
03:10
like your bank, so you may not even realize you're on a different website.
03:15
These websites are malicious and often used for fishing or to download malware onto your machine.
03:22
Sometimes just going to these websites is enoughto have now were installed on your machine. You do not even have to accept, click on anything or purposely download anything. This is called drive by downloads.
03:36
Drive by downloads. Take advantage of unpatched or out of date Web browsers or operating systems.
03:45
Once you are on a spoofed website or have malware installed, you are a risk of exposing sensitive information such as your credentials, credit card information and any other sensitive information. The hacker may trick you into entering on the website.
04:02
If there is now, where on your machine Your network may be at risk as well.
04:11
How can I protect myself?
04:13
Always go directly to the business website as opposed to clicking a link in an email
04:18
and remember used a browser search bar to avoid tight boats as opposed to the browser's address bar.
04:28
If the request in the email is legitimate, you will be able to perform the same task by going directly to the business website.
04:36
There are other ways to protect yourself is well.
04:40
You should always verify the URL.
04:43
Pay close attention to the URL in the address bar and look for misspellings.
04:47
Attackers will make the girl look like the one that they are Impersonating.
04:53
They may change one letter or add a letter. This is called Typo Squatting.
05:00
If you receive a link in an email, you can hover over the link. This will display the rial U R L,
05:05
which may not be same as the one displayed in the email.
05:12
Always verify the center. Do you know the person who sent the email?
05:16
Is the email address to directly or does it say, Dear customer?
05:21
A real company will address customers by name.
05:25
Are they misspellings in the email?
05:28
What is the tone of the email?
05:30
Does it match language and emails that you have received previously from this business?
05:38
It's also important to always keep your Web browsers patched and up to date.
05:44
Also, some Web browsers have built in fishing and now wear protection.
05:53
What is a spoofed website?
05:57
A spoofed website is a fake copy of legitimate website commonly used for malicious intent.
06:04
Better actors use spoofed websites to trick users
06:11
into stealing their information.
06:13
What? Downloading malware onto their machine.
06:17
So today we talked about what a spoofed website is,
06:23
what the dangers are
06:25
and how to protect yourself.
06:28
Thank you. And I will see you in the next lesson.

Up Next

End User Cyber Fundamentals

This End User Cyber Fundamentals course covers Internet risks such as typosquatting, website spoofing, drive-by downloads, Malvertising, and how to protect yourself using security best practices.

Instructed By

Instructor Profile Image
Lisa Martino
Director, Information Security Governance, Risk & Compliance
Instructor