Fake sites are impersonating Microsoft and Spotify – Here’s what to look for

April 22, 2021

By Kim Komando

Visiting a website, most of us automatically assume it’s the real deal. Nice logos, professional page design, and well-written descriptions talk up the product and welcome you around the site.

When a site presents itself well, we turn off the warning bells in our head — even when they should be blaring. Some cybercriminals are so crafty that it can be almost impossible to tell a fake site from the real one. After all, their plan is to trick you into downloading malware thinking that it comes from the original company. Suspect your computer is infected? Tap or click for a few ways to confirm that.

Cybersecurity firm ESET recently discovered that criminals created fake versions of Spotify, Microsoft and Microsoft’s Windows Store. All the cloned or fake sites harbored malware designed to steal your personal data.

Here’s how it works

You’re browsing the web and you see an online ad for Spotify’s music service or a reduced price on Microsoft apps. Clicks on the ad, and it takes you to a website.

If you’re tricked by its shiny design, you may click on one of the links on the page, thinking it’s a legitimate site. Just like that, you have downloaded malware that can wreak havoc on your computer.

For the Microsoft Windows Store, the link in the online ad takes victims to a fake chess game called xChess 3. Then, it automatically starts downloading the game from an Amazon AWS server.

Other ads using this malware campaign claim to give you 90 days of Spotify Premium for free or direct you to an online document converter, Bleeping Computer reports.

The “Ficker” or “FickerStealer” malware is designed to extract information from the infected machine or device. It mainly targets the Windows operating system, stealthily stealing banking data and personal information. And you might not know it’s there until the damage has been done.

What to look out for

There are several ways to distinguish an authentic website from a cheap clone hiding malware. The most important aspect of protecting your machine is to keep Windows and Microsoft Defender updated. That includes your antivirus software.

Here are some tips to spot a fake website:

• Most browsers can detect malicious websites and will warn you about proceeding. Google Chrome will sometimes block you from continuing your sessions. Make sure your browser is updated.
• Before clicking on a link, hover your mouse cursor over it. In the bottom-left corner of your browser, a preview of the destination URL will appear. If it looks suspicious or is full of jumbled characters, don’t proceed.
• Investigate the elements of a webpage if you’re unsure. Check for spelling or grammar errors. Look for photos and images that seem incorrect or odd. Keep an eye out for elements that look out of place.
• If you arrived at the page through a different link, check the URL in the address bar. The page might look real, but you could have been redirected somewhere else. Read the URL carefully. At a quick scan, microsoft.com and microsotf.com look almost identical.
• If anything looks suspicious on a page, never procced with any payments. Hit the X and move on.

Keep Reading

Think twice before you click that job offer – It may be hiding malware

Fake Android update is hiding malware that will take over your system