Monday, October 13, 2008

Deceptive website example

OK, this will sound kinda geeky, but that's what this blog is about, right?

So I'm reading some of my mail in gmail this morning, and I did something rare: I looked at the advertisements to see how relevant they were to the context of my email. For reference, I was reading a notification that a billing statement was ready. Of the eight ads on the right hand side, only two caught my eye because they stood out from the rest--not in a good way, necessarily, but they were just different.

You see, while the rest of the ads had a green location of www.WhateverSite.com, these two that stood out had a green location address that omitted the www in replace of an actual word like "balance" or "bills". In this case, I decided to click on the ad with the location of "bills.iGrantCash.com".

I was taken to a page that threw me back to the late 90s with its dithered iGrantCash.com icon (complete with one sole underline under the letters "ash.com"). Anytime I see a web site with shoddy graphics, I immediately throw a red flag because these days, graphics should be very polished since our monitors can display millions of colors.

Anyhow, that was strike one. Strike two came when I glanced at the very prominent top right corner, which touted, "Total grant sites: 57. Sites that were scams: 56. Legitimate sites: 1." Of course, my first question was: is this one of the scam sites? Then I thought, nah, this must be the "1" site that is not a scam. Hmmmmmmm.....

What else did I see? Somehow, this P.O.S. site from the 90s had been featured on such prominent sites as MSN, CNN.com, AOL Search, NBC, CNBC, CBS, Fox News, Forbes, the list goes on. A critical thinker might ask, "how is this so?" considering the web site looks like a piece of trash, while the non-critical thinker (or citizen desperate for cash) just says "whew, that's reassuring." So, with a critical eye, I continued reading on.

The truth finally came at the bottom of the page, where I read this in the fine print:

"As Seen On" logos and trademarks are owned by their respective companies. This site is currently advertised on all the media outlets identified under "As Seen On" logo banner.


So basically, they feel like they can say they've been "seen on" MSN, Yahoo, and others, because they advertise on those sites. Thus it is their advertisement that has been "seen on" those sites, not actual articles about the great product itself, which is simply links to information you can find using any search engine.

So now comes strike three: every single link on this web page directs the unsuspecting visitor to the exact same page: http://www.igrantcash.com/NewForm.jsp?

This is a sign-up page that screams, "Congratulations You are Pre-Qualified
For Free FREE Government Grant Money"

Again, this new sign-up page features logos from major companies such as CNN, NBC, CNBC, and Fox News, which makes the casual web surfer feel comfortable and at ease. My first question was, "gosh, how did little 'ol me get pre-qualified to receive thousands of government dollars for free? was my 'click' simply enough for them to say OK?"

By the way, that sign up page asks for your name, address, city, state, phone and email among other things, and it's not even transmitting the data using the https:// protocol (HTTP Secure). In other words, it's sent across the internet in plain text.

After entering in some fake information, I'm led to a second page asking for my credit card information. This time, however, it does use the https protocol, so at least they're taking my credit card information securely.

That's a nice thought.

So the bottom line is this: you may have read this post and say, "you ain't teachin' me nothin' new, essay!" But that is not the point. This post wasn't written for you. This post was written for those who are skeptical about a site for some reason, but can't quite put their fingers on why. This little lesson, for example, would be a great thing to teach someone in your life who is just getting started on the internet, or who has been using it for a while, but isn't quite as tech savvy with regard to graphics quality, where links go to, and security protocols such as https.