The hackers fighting fake websites
Several prominent retailers, including Checkers and Desray, have been targeted by criminals who create replicas of their sites to harvest victims’ bank card information.
However, one Internet consumer protection group has taken it upon themselves to tackle this type of crime and has developed a creative way of doing so.
The attacks are simple and can effectively dupe the average Internet user. Perpetrators build a website imitating an online shop such as Takealot, often altering the actual site’s URL by one character.
They then load the website with products at significant discounts compared to what one commonly might find, enticing buyers to fall for the scam.
These websites are then spread across social media platforms, advertising the too-good-to-be-true deals to steer as much traffic to the site as possible.
Enter Artists Against 419, a group founded in 2003 dedicated to shutting down 419 scam sites and other fake websites and listing them on their online database.
A 419 scam involves an attacker explaining to a potential victim that they will be able to give them a share of a significant amount of money in exchange for an upfront fee, which will be used to obtain the funds.
However, they now seek to hinder the activity of all fraudulent websites.
One of the group’s initial ways of doing so was by hotlinking or inline linking a website’s images to deplete their small monthly bandwidth allowance. This they called flash mobbing, which they stopped in 2007.
Inline linking is the use of a linked object on one website—in the case of AA419, often an image—by a web page belonging to a second site.
When a browser downloads a webpage containing an image from one site, it contacts the remote server to request the image content of the second site, draining its bandwidth.
However, it is important to note that AA419 only resorted to mobbing after two letters had been sent to the hosting company to report the abuse.
This is because the group preferred the hosting companies to take responsibility for their client’s actions.
This is also largely because flash mobbing, in this sense, can be seen as a distributed denial-of-service (DDoS) attack, where the attacker attempts to render a machine or network service unusable to its intended users.
Today, the AA419 database contains over 168,000 fraudulent websites, which web browsers and other Internet consumer protection groups use to warn users about potential online danger.