tag:blogger.com,1999:blog-18769506820464182142024-03-07T04:34:21.984+01:00IT security, technology, threat intelligence. Emilio CasbasOpen Source, security and social media plus random digital things. Unknownnoreply@blogger.comBlogger157125tag:blogger.com,1999:blog-1876950682046418214.post-43858389041958142024-01-09T23:43:00.007+01:002024-01-09T23:45:01.831+01:00Denunciar una página fraudulenta<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9af3AotmkrLowPlWAmGsobapxxTY_-_aUmmB7fARyw-wb84XKP68GTN1ep0lqvEC_JQa1mppLZQc_2UlqBx05ukXAB0OLiOT73TkFh1LbB8aghCq4eZecElo9-aTlf3Aydjnfv9CvRpHOwM2hiymBZ9i7ppx9S300BTEu5xBf5-w-le0PuQTNcDQNP0Y/s2364/Screen%20Shot%202023-12-19%20at%2010.23.54%20AM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1694" data-original-width="2364" height="229" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9af3AotmkrLowPlWAmGsobapxxTY_-_aUmmB7fARyw-wb84XKP68GTN1ep0lqvEC_JQa1mppLZQc_2UlqBx05ukXAB0OLiOT73TkFh1LbB8aghCq4eZecElo9-aTlf3Aydjnfv9CvRpHOwM2hiymBZ9i7ppx9S300BTEu5xBf5-w-le0PuQTNcDQNP0Y/s320/Screen%20Shot%202023-12-19%20at%2010.23.54%20AM.png" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;">Plugin de chrome avisando sobre una web fraudulenta</div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitEUXXcTWroSgYy5AwETbaXThKX9xkD5QZ6rU_mjISLTLQ5wtlMjjhpcqXRTfxyKJi45epjYi53iBdKXBrcn2TdIlA40BDniA3JAyL3f5gNVhE_NCWEXK1WBFDrwy-XXHq4sIcCZL41953y9L5PoGaJyZ9kGgG1f_iFIteN3QBBAFqhppfZs4wLmk2TQo/s1082/Screen%20Shot%202021-12-10%20at%2011.15.31%20AM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="410" data-original-width="1082" height="121" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitEUXXcTWroSgYy5AwETbaXThKX9xkD5QZ6rU_mjISLTLQ5wtlMjjhpcqXRTfxyKJi45epjYi53iBdKXBrcn2TdIlA40BDniA3JAyL3f5gNVhE_NCWEXK1WBFDrwy-XXHq4sIcCZL41953y9L5PoGaJyZ9kGgG1f_iFIteN3QBBAFqhppfZs4wLmk2TQo/s320/Screen%20Shot%202021-12-10%20at%2011.15.31%20AM.png" width="320" /></a></div></div><div class="separator" style="clear: both; text-align: center;">desenmascara.me avisando de una web fraudulenta</div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1RwRVbXC7B5zlmI9GwoMmzbRt3MEy99pQRvcy3IafAcYZXnwrJkMTyoAFHRITAmiXFCaSe1I_r5-tPc4e70LL5sO5VL7yT2ErFekuoGNR-rtM17Goz0_dKrRVN7W79j1L4Ezv6yGYuUFV4pwyjH3_IExoTNVB2Btc_pKw9c5GWSCHYQSmEZ8AgSvrxOM/s1183/invest3.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="809" data-original-width="1183" height="219" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1RwRVbXC7B5zlmI9GwoMmzbRt3MEy99pQRvcy3IafAcYZXnwrJkMTyoAFHRITAmiXFCaSe1I_r5-tPc4e70LL5sO5VL7yT2ErFekuoGNR-rtM17Goz0_dKrRVN7W79j1L4Ezv6yGYuUFV4pwyjH3_IExoTNVB2Btc_pKw9c5GWSCHYQSmEZ8AgSvrxOM/s320/invest3.png" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both;">Plugin de chrome avisando sobre una web fraudulenta que usa personajes famosos</div><div class="separator" style="clear: both;"><br /></div></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH76VcEu1w1yIqQho4mB3VPCqShsQ6S0B6KwJzBlq_lh_zhOz2eZbsdQ9dGxy2w1OkyV3qwc0FHCTeYINxZUjYbLQbC23E61wCRwNkSbdSc1lb5zTn6G3Sci1P-NOb4k6Berajz6KFK0o1bN6qQH4X-ZBdAw8OFBEAourHPofH3XWCnBfW4-FNsdWqmVM/s1002/Screen%20Shot%202015-11-17%20at%2011.42.37%20PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="669" data-original-width="1002" height="214" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH76VcEu1w1yIqQho4mB3VPCqShsQ6S0B6KwJzBlq_lh_zhOz2eZbsdQ9dGxy2w1OkyV3qwc0FHCTeYINxZUjYbLQbC23E61wCRwNkSbdSc1lb5zTn6G3Sci1P-NOb4k6Berajz6KFK0o1bN6qQH4X-ZBdAw8OFBEAourHPofH3XWCnBfW4-FNsdWqmVM/s320/Screen%20Shot%202015-11-17%20at%2011.42.37%20PM.png" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;">Sitio web fraudulento</div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><p><b>Si caiste en una estafa online, toma medidas rapidas.</b></p><p></p><ul style="text-align: left;"><li>Recopila pruebas</li><li>Denuncia a las autoridades</li><li>Utiliza <a href="http://desenmascara.me">desenmascara.me</a> para alertar a otros usuarios.</li></ul><div><br /></div><div>Mas detalles en mi colaboracion con <a href="https://maldita.es/timo/">maldito timo</a>: <a href="https://maldita.es/timo/20240109/denunciar-pagina-dni-whatsapp-numero/">https://maldita.es/timo/20240109/denunciar-pagina-dni-whatsapp-numero/</a></div><div><br /></div><div><br /></div><div>Ejemplos de webs fraudulentas, de conocidas marcas: <a href="https://blog.emiliocasbas.net/2020/04/fraudulent-websites-examples-to-lure.html">https://blog.emiliocasbas.net/2020/04/fraudulent-websites-examples-to-lure.html</a></div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-62733184076242056502022-12-07T23:04:00.005+01:002022-12-12T22:03:10.158+01:00ChatGPT still can't let us know whether a website is fraudulent or not<p><span style="font-size: x-small;"><b>Note</b>: See at the bottom for more updates on this topic of ChatGPT.</span></p><p><br /></p><p><b><a href="https://openai.com/blog/chatgpt/">ChatGPT</a></b>, the <a href="https://chat.openai.com/chat">general purpose chatbot </a>released by the cutting-edge project OpenAI is making headlines everywhere. Let's just leave random ones for the record and to check it out later on.</p><p><br /></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://nypost.com/2022/12/06/scary-chatgpt-could-render-google-obsolete-in-two-years/" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img alt="" data-original-height="182" data-original-width="768" height="95" src="https://blogger.googleusercontent.com/img/a/AVvXsEh0LXYPW-VRQSzvribbC6eL_oY5jVPZF5RrkuDG-LjVriBSB3W_x99OxkBZaunrIMJ-OdslGnOYqaKQu7dYeJSGG7Mx_IhWvA0jgzD3FcE_J9uujHKTu6vRG9GgKhzW1-2gSZJG5mjvWmBXo4ABgZ5nNniFw7Vv_d6DFHS8e3uuYDFZ12OrLF_KUKRh=w400-h95" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><a href="https://thefinanser.com/2022/12/welcome-chatgpt-should-google-be-worried" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img alt="" data-original-height="365" data-original-width="458" height="240" src="https://blogger.googleusercontent.com/img/a/AVvXsEjX8k6TiitiYj39ZXQ6oiZDBvCFCLhccsUFMQF42qUy693qwTEOg7uaYO2SZdh6igmjle5m_37OQ_mUvblQ5tt7SIPAKIbe8sQN9PT9saPxh_xJbk4EMBaN5rEtnTQm0cYKQrLn7MCGu-leQRGI9hZpuYeQ5yHqUs_LghiE81oatm-MT94IL42UMg0K" width="301" /></a></div><br /><br /></div><br /><br /><p></p><p>ChatGPT is fine-tuned from a model in the <a href="https://beta.openai.com/docs/model-index-for-researchers">GPT-3.5</a> series, which finished training in early 2022. </p><p>It was trained using Reinforcement Learning from Human Feedback (RLHF). </p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjUn2xPXip8SDQneR43SxwrncEV6-hKJsi1BbfSbsLme_QObN4Chuj4G8ztNlDZsPNxvxl9CWT7tz3_JfG5mArxz2SR0UeTWxcDj4yhoG-Kw0C-_1AZu-be-2UolHeZ7Uszr7KnQu3JekECTp7Dc4Po9GnmMyNYb-W6rWM77X3Lm1q2Nb8VThSmzCfu" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="611" data-original-width="1050" height="372" src="https://blogger.googleusercontent.com/img/a/AVvXsEjUn2xPXip8SDQneR43SxwrncEV6-hKJsi1BbfSbsLme_QObN4Chuj4G8ztNlDZsPNxvxl9CWT7tz3_JfG5mArxz2SR0UeTWxcDj4yhoG-Kw0C-_1AZu-be-2UolHeZ7Uszr7KnQu3JekECTp7Dc4Po9GnmMyNYb-W6rWM77X3Lm1q2Nb8VThSmzCfu=w640-h372" width="640" /></a></div><br /><br /><p></p><p>With all the buzzword, I tried a few simple questions:</p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEi2WTSuElUDeMZcrBo1G6hWg_5ePZce8Jk2CC3PmIM-GSIDGoofcxj4l0U3256dO-lz5T9vXkAZ13pNXIIpOtEOjMSxwiyJ-gFhzsUxlbSM_FRItOj9L2H3sNnX1ked09d59_3Zzlr8j0bs-z3Bz-JwV3lWZp3kLqXeL-E7V5gU1lDCLbeEWysCTXih" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="889" data-original-width="784" height="640" src="https://blogger.googleusercontent.com/img/a/AVvXsEi2WTSuElUDeMZcrBo1G6hWg_5ePZce8Jk2CC3PmIM-GSIDGoofcxj4l0U3256dO-lz5T9vXkAZ13pNXIIpOtEOjMSxwiyJ-gFhzsUxlbSM_FRItOj9L2H3sNnX1ked09d59_3Zzlr8j0bs-z3Bz-JwV3lWZp3kLqXeL-E7V5gU1lDCLbeEWysCTXih=w565-h640" width="565" /></a></div><br /><br /><p></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjCZNbcr4qD8gMDTyhq5SwqEShPh0UXOBb75w4VtCgqXNUlhgCfiBxm_5kkXL6GtyHkUEpqCD-04cdNVA00P0ZZSYCo2h4u7tDZF3zNo1QP6zAeFycL4BOtjQiLA1l5fWm4uS-rAsGOCzkTUEgOBXFqENMrRrdE8jnJG5xcRxfCbLB0CvuBsJ722uhS" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="599" data-original-width="810" height="474" src="https://blogger.googleusercontent.com/img/a/AVvXsEjCZNbcr4qD8gMDTyhq5SwqEShPh0UXOBb75w4VtCgqXNUlhgCfiBxm_5kkXL6GtyHkUEpqCD-04cdNVA00P0ZZSYCo2h4u7tDZF3zNo1QP6zAeFycL4BOtjQiLA1l5fWm4uS-rAsGOCzkTUEgOBXFqENMrRrdE8jnJG5xcRxfCbLB0CvuBsJ722uhS=w640-h474" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgc7W_v31ZReeOyxzofNc8-9bdNGldat40HfNyhZDKXeF1Y0aIViyaELBHL7ROWi42jcxQL8lta3Yfjy_ybsCcOOuWNzIPhE06jXehZpidVc_zmKd_H9gXWaxljf-xeDXKHPnL4FuX4I3-adX5cs7ykEQ_QJR_U2bprHF-cBRrkbIP_D3XPavYZXFjs" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="205" data-original-width="828" height="158" src="https://blogger.googleusercontent.com/img/a/AVvXsEgc7W_v31ZReeOyxzofNc8-9bdNGldat40HfNyhZDKXeF1Y0aIViyaELBHL7ROWi42jcxQL8lta3Yfjy_ybsCcOOuWNzIPhE06jXehZpidVc_zmKd_H9gXWaxljf-xeDXKHPnL4FuX4I3-adX5cs7ykEQ_QJR_U2bprHF-cBRrkbIP_D3XPavYZXFjs=w640-h158" width="640" /></a></div><br /><br /><p></p><p>What I learnt?:</p><p></p><ul style="text-align: left;"><li>I have no idea about AI. This article is just to grasp some concepts.</li><li>The fluency devised from answers all over the world is an illusion that stems from the combination of massive amounts of data, immense computing power, and novel processing techniques.</li><li>One of the more popular use cases seems to be to generate essays. Though there is already <a href="https://huggingface.co/openai-detector/">Openai detector PoC</a>.</li><li>The robot is not connected to the Internet therefore his knowledge stops at 2021-09 (at the time of writing this article).</li><li>The technology is impressive but still has its limitations, as seen above.</li><li>Still far away from the <a href="https://en.wikipedia.org/wiki/Technological_singularity" target="_blank">Singularity</a> (see below)</li></ul><div><br /></div><div>While ago I read the book <b>"Life 3.0"</b> <i>Being human in the age of Artificial Intelligence by </i><a href="https://space.mit.edu/home/tegmark/home.html" target="_blank">Max Tegmark.</a></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiZJaITmG3NvoZm6MrQuL8UiWiRurS8X9NZiXijou8WMZ1hbl1t1lpgDVb6GwcU54_x6JTlItKExQ9aoJj80S-J0exwsUCSnPS7FOSi49jmYHUVnJVpnagOgjByYXgpQjeu9Owj8LFtVHih-Rt78Zb48y-YMJ5SAQEnYWsjMmAGWcHo-bbYfZiq8q_i" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="556" data-original-width="380" height="240" src="https://blogger.googleusercontent.com/img/a/AVvXsEiZJaITmG3NvoZm6MrQuL8UiWiRurS8X9NZiXijou8WMZ1hbl1t1lpgDVb6GwcU54_x6JTlItKExQ9aoJj80S-J0exwsUCSnPS7FOSi49jmYHUVnJVpnagOgjByYXgpQjeu9Owj8LFtVHih-Rt78Zb48y-YMJ5SAQEnYWsjMmAGWcHo-bbYfZiq8q_i" width="164" /></a></div><div><br /></div><div><br /></div>Below some random paragraphs that I had marked in the book:</div><div><br /></div><div><i></i><blockquote><i>Intellectual property rights are sometimes hailed as the mother of creativity and invention. However, Marshall Brain points out that many of the finest examples of human creativity -from scientific discoveries to creation of literature, art, music and design - were motivated not bv a desire for profit but by other human emotions, such as curiosity, an urge to create, or the reward of peer appreciation. Money didn't motivate Einstein to invent special relativity theory any more than it motivated Linux Torvalds to create the free Linux operating system. In contrast, many people today fail to realize their full creative potential because they need to devote time and energy to less creative activities just to earn a living. By freeing scientists, artists, inventors and designers from their chores and enabling them to create from genuine desire, Marshall Brain's utopian society enjoys higher levels of innovations than today and correspondingly superior technology and standard of living.</i></blockquote><p><i><br /></i></p><p></p><blockquote><p><i>Since we can't completely dismiss the possibility that we'll eventually build human-level AGI, let's devote this chapter to exploring what that might lead to. Let's begin ty tackling the elephant in the room: Can AI really take over the world, or enable humans to do so?</i></p><p><i>If you roll your eyes when people talk of gun-toting Terminator style robots taking over, then you're spot-on.: this is a really unrealistic and silly scenario. These Hollywood robots aren't that much smarter than us, and they don't even succeeded. In my opinion, the danger with the Terminator story isn't that it will happen, but that it distracts from the real risks and opportunities presented by AI. To actually get from today to AGI-powered world takeover requires three logical steps:</i></p><p></p><ul style="text-align: left;"><li><i>Step 1: Build human-level AGI.</i></li><li><i>Step 2: Use this AGI to create superintelligence</i></li><li><i>Step 3: use or unleash this superintelligence to take over the world </i></li></ul><p></p></blockquote></div><div><br /><br /></div><div><br /></div><div><i><br /></i></div><div><b>Update: 12/12/2022</b></div><div><b><br /></b></div><div><b><div class="separator" style="clear: both; text-align: center;"><a href="https://twitter.com/sama/status/1602119635373105154" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="493" data-original-width="620" height="318" src="https://blogger.googleusercontent.com/img/a/AVvXsEgosBr4iQlKxm4REWTNwyiyz9pWwimNsXgA8JnrkyeYLSXuAQCYKHdRl4aDY8KDrirRXJxRMZfLvgir5XTwhnyyYkHe8UG5ntudcF9SGI9sRPocWI8-KfwL5HdGnj1O4fkpsJ7dyR2kAwQdD2LfMClbNFpcHF5SPxgVFXhjdn8JPIpP2OKfroSYDeKQ=w400-h318" width="400" /></a></div><br /><br /></b></div><div><i><br /></i></div><p></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-81401465606564292282022-03-31T15:06:00.003+02:002022-03-31T15:06:23.640+02:00MITRE publishes 11 strategies of a world-class cybersecurity operations center<p>MITRE has published 11 Strategies of a World-Class Cybersecurity Operations Center, a practical book for enhancing digital defense for security operations center (SOC) operators. <a href="https://www.mitre.org/news/press-releases/mitre-publishes-11-strategies-of-a-world-class-cybersecurity-operations-center">Ref</a>. </p><p><br /></p><p><span style="background-color: #efefef; color: #555555; font-family: "Serifa Roman"; font-size: 16px;">“Operating without commercial conflicts of interest, we’re working to arm a worldwide community of cyber defenders with vital information to thwart network intruders,” said Wen Masters, vice president, cyber technologies, MITRE. “We draw from a wealth of deep technical expertise at MITRE to address the ever-evolving challenges in cybersecurity. The authors of </span><em style="-webkit-tap-highlight-color: transparent; background-color: #efefef; box-sizing: border-box; color: #555555; font-family: "Serifa Roman Italic"; font-size: 16px; overflow-wrap: normal;">11 Strategies of a World-Class Cybersecurity Operations Center</em><span style="background-color: #efefef; color: #555555; font-family: "Serifa Roman"; font-size: 16px;"> bring forth the best principles and practices within MITRE to help the entire cyber ecosystem leverage up their defenses and operations.”</span></p><p><span style="background-color: #efefef; color: #555555; font-family: "Serifa Roman"; font-size: 16px;"><br /></span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjd3HKcUdGodmQv9czL_W3tVwnewAlSIKYR6rd7XFrRKpS8ACnUHZfn87dZO5KAxvfninKi9-ihHcImLB77sAjkF30dsCDLaSgw3AbyfdseDThihsobdk-tPfiDQsSyq_i_y4JX2FJZ8p4nTPeZuoLtAGyBzxvGo5tQpzXfUIjDxeSGvPZc3PoCOWTm" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="432" data-original-width="618" height="448" src="https://blogger.googleusercontent.com/img/a/AVvXsEjd3HKcUdGodmQv9czL_W3tVwnewAlSIKYR6rd7XFrRKpS8ACnUHZfn87dZO5KAxvfninKi9-ihHcImLB77sAjkF30dsCDLaSgw3AbyfdseDThihsobdk-tPfiDQsSyq_i_y4JX2FJZ8p4nTPeZuoLtAGyBzxvGo5tQpzXfUIjDxeSGvPZc3PoCOWTm=w640-h448" width="640" /></a></div><br /><a href="https://www.mitre.org/sites/default/files/publications/11-strategies-of-a-world-class-cybersecurity-operations-center.pdf">Download PDF</a><p></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-86320718033253577472022-03-14T23:41:00.002+01:002022-03-14T23:41:36.421+01:00Cybersecurity mitigations measures against critical threats<p> On February 14, ENISA and CERT-EU made a <a href="https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_Guidance-22-001_v1_0.pdf">joint publication strongly encouraging all EU based organisations to implement a set of cybersecurity best practices</a>.</p><p><br /></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEi-SJ-WbC457A7BuWjlPmggXcASuJBiL8SL6J16P5H1TeuWWN2cJ550FEp2Hkzbu29ZyzF26s4fZDXw6JDXkaEtoQNZzrhv0NfuBg5UgHkcId73ZyyuEE3dQ2GLF7rhGFV74wi7Xp6kGzdWyOCGbPF55AQX3gFyS6AQ0V-Lu4utW1husKnCc3p7eso4" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="872" data-original-width="695" height="640" src="https://blogger.googleusercontent.com/img/a/AVvXsEi-SJ-WbC457A7BuWjlPmggXcASuJBiL8SL6J16P5H1TeuWWN2cJ550FEp2Hkzbu29ZyzF26s4fZDXw6JDXkaEtoQNZzrhv0NfuBg5UgHkcId73ZyyuEE3dQ2GLF7rhGFV74wi7Xp6kGzdWyOCGbPF55AQX3gFyS6AQ0V-Lu4utW1husKnCc3p7eso4=w509-h640" width="509" /></a></div><br /><br /><p></p><p><br /></p><p><br /></p><p><br /></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-81314537036652238832021-12-06T22:15:00.002+01:002021-12-06T22:19:17.365+01:00Desenmascara.me in Riyadh, Saudi Arabia<p>Vision 2030 is a unique transformative economic and social blueprint that is opening Saudi Arabia to the world. </p><p><i><span style="font-size: medium;">"Our country is rich in its natural resources. We are not
dependent solely on oil for our energy needs. Gold,
phosphate, uranium, and many other valuable minerals
are found beneath our lands. But our real wealth lies in
the ambition of our people and the potential of our
younger generation. They are our nation’s pride and the
architects of our future."</span></i></p><p style="text-align: right;"><a href="https://www.vision2030.gov.sa/media/rc0b5oy1/saudi_vision203.pdf"><span style="font-size: x-small;">Saudi Vision 2030</span></a></p><p style="text-align: right;"><br /></p><p style="text-align: justify;">Under this program, @athack, the biggest infosec conference in Saudi Arabia was born. </p><div class="separator" style="clear: both; text-align: center;"><a href="https://athack.com/" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: medium;"><img border="0" data-original-height="666" data-original-width="1143" height="233" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3cfasogbAWE5YdlIqXfxuFP_OwO3uZ5QPW6G7pXyRdtD1ZzZSDJfKkVWmVVmBoewdEhYneUTKqTOaEdA-aKlwWFqY65jSWSKtiKf3Gotl3RZtrz51v0oMhI7gkv35v_BL9Eb-Qjygw6A/w400-h233/Screen+Shot+2021-11-30+at+12.48.25+AM.png" width="400" /></span></a></div><br /><p style="text-align: justify;">It had a comprehensive agenda with speakers all over the world so the Saudis don´t need to go outside to see on stage to gurus like Bruce <a href="https://www.schneier.com/">Schneier</a>, successful entrepreneurs like <a href="https://www.dragos.com/team/robert-m-lee/">Robert. M. Lee</a>, the people hacker <a href="https://humanfactorsecurity.co.uk/speaking/">Jenny Radcliffe</a>, or the Hacker <a href="https://twitter.com/jaysonstreet?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor">Jayson E. Street.</a></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWMhpGLGqFsRcMpd5gGk0f0tuMF_EyXpx_7npVUCAIeMIm7B_60BRxJP9aZHzbN4INoxh6jUzZAE4w_y-o9n47KM3zQAZkdGuWwGKa7dFhQeQgbjCIq74unm1L_Rxawi9BaqM-AxTCI_s/s1072/Screen+Shot+2021-11-30+at+1.00.25+AM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="670" data-original-width="1072" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWMhpGLGqFsRcMpd5gGk0f0tuMF_EyXpx_7npVUCAIeMIm7B_60BRxJP9aZHzbN4INoxh6jUzZAE4w_y-o9n47KM3zQAZkdGuWwGKa7dFhQeQgbjCIq74unm1L_Rxawi9BaqM-AxTCI_s/w640-h400/Screen+Shot+2021-11-30+at+1.00.25+AM.png" width="640" /></a></div><br /><p style="text-align: justify;">In total around 250 international security professionals worldwide were brought to the event. I had the extraordinary opportunity to assist to the @Hack Arsenal</p><div class="separator" style="clear: both; text-align: center;"><a href="https://athack.com/agenda?keys=&session_day=126" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="771" data-original-width="787" height="391" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGLZQgsdMSC4Y9XpbqEAMAxmCP1saonaJ-qgCQCiCqu_WnZFvSPlqJltGH3HizsFYcJ-fxaki8o-Fmgbl2BeVeAgPv7BOz5_nhvx_pNxK3yXoMBWMEAk3IIvavTojNIAkOqaAIzcJ9I4w/w400-h391/Screen+Shot+2021-12-03+at+11.44.04+PM.png" width="400" /></a></div><br /><p style="text-align: justify;">In the @Hack Arsenal area I had the chance along many other security researches to demoed the tools we are working on.</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicWjzx7b6JkJq9qJXe0l6xCOg_RS6ATrD5ZmfeUi9qbh8PYUuarnfjwE51wgHLnY91m9Ysb1Jdvk8gWy_tlKr8OT4QzSHCyQOTPXoLjtQL-5pSTA4xH3JjN0s8rTWnt17zzAxNgEUeNG0/s562/Screen+Shot+2021-12-03+at+11.47.22+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="238" data-original-width="562" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicWjzx7b6JkJq9qJXe0l6xCOg_RS6ATrD5ZmfeUi9qbh8PYUuarnfjwE51wgHLnY91m9Ysb1Jdvk8gWy_tlKr8OT4QzSHCyQOTPXoLjtQL-5pSTA4xH3JjN0s8rTWnt17zzAxNgEUeNG0/w640-h272/Screen+Shot+2021-12-03+at+11.47.22+PM.png" width="640" /></a></div><br /><p style="text-align: justify;">The fraud in Arabia Saudi is aligned with the worldwide metrics, increasing constantly. </p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRpJxG06GXb0aJBEYp_1FzC5tl9LHhXw7TTKQIINycTOwx70yHu2SROL_IWua9wYlkNwjJy9FQcpchpWjOyR4jCD0aHo_VhGt5oFOgE4XWSp_Jv3N9JAlsuU3bIFdR6eWvoC86uxJryhs/s1224/Screen+Shot+2021-12-03+at+11.51.35+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="689" data-original-width="1224" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRpJxG06GXb0aJBEYp_1FzC5tl9LHhXw7TTKQIINycTOwx70yHu2SROL_IWua9wYlkNwjJy9FQcpchpWjOyR4jCD0aHo_VhGt5oFOgE4XWSp_Jv3N9JAlsuU3bIFdR6eWvoC86uxJryhs/w640-h360/Screen+Shot+2021-12-03+at+11.51.35+PM.png" width="640" /></a></div><br /><p style="text-align: justify;">I did show some last minute examples with fraudulent websites which popped up in my Twitter stream as Advertisements of Fraudulent websites!</p><p style="text-align: justify;">Also with some Fraudulent websites in Arabic which I had no idea what they were about but someone from the public thankfully did clarify it to me :-)</p><div class="separator" style="clear: both; text-align: center;"><a href="https://twitter.com/desenmascarame/status/1465358017453604868" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="776" data-original-width="455" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8-3Xkio4REej_SI8ohGm7YNBiYCEBHeG_sKQTMMWpOICNsq-zH7GZ172pFTd_Cpm3F40CLuF7GlcBBgc-6deMCXpFqeED73OAVgsMO-87Ki1pFgAvzZlFbfHtBZQGsP7A5rsdpIKLEJQ/w376-h640/Screen+Shot+2021-12-03+at+11.54.33+PM.png" width="376" /></a></div><br /><p style="text-align: justify;">It seems the audience got interested in the topic. </p><div class="separator" style="clear: both; text-align: center;"><a href="https://twitter.com/AlghamdiSalihah/status/1465390660446470151" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="493" data-original-width="446" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNnKFP_HmLfJz8IwCCo6i0O7xM5Tm-QEjRUuO6Al46W8ALAtS-ncC0Mgaca8D-5hEUEn83AgM2AGFZzkVD3kgfpM-iKgu_lmTaTsUjyHD__K3-ri1FxFYkwHX3zNPk2XNvVRZJk2JErew/w361-h400/Screen+Shot+2021-12-03+at+11.56.21+PM.png" width="361" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLLAWnd3xG0gW3XJTYp8odFFzMqvTQkXHRcYIUPPUMR7i8HRsTV0zae-2TluAyYCy8LLiffZxHkG0XtiqHTDtQtldKIM5lrk6GnQ7lRLkv9PIk9-WKE58c-oIi2wopg2EQ6h0F9aSS0_Q/s730/Screen+Shot+2021-12-03+at+11.56.35+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="730" data-original-width="448" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLLAWnd3xG0gW3XJTYp8odFFzMqvTQkXHRcYIUPPUMR7i8HRsTV0zae-2TluAyYCy8LLiffZxHkG0XtiqHTDtQtldKIM5lrk6GnQ7lRLkv9PIk9-WKE58c-oIi2wopg2EQ6h0F9aSS0_Q/w392-h640/Screen+Shot+2021-12-03+at+11.56.35+PM.png" width="392" /></a></div><br /><p style="text-align: justify;">After the session there were quite a few interesting questions and interactions with the audience:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh693v828ejtOeqFJAFNf2gp1FNzldjs504Lm7OmDNUVw-ukiJQZKgTdSe0lIIshALQfTZqIXeT8sDCiFtm5QrItdTlHQ_ZzjXnmnXQREYFLEe573apfGhjVsqL2XBJkpbgKqzRjUJPOJ8/s382/Screen+Shot+2021-12-03+at+11.59.26+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="283" data-original-width="382" height="296" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh693v828ejtOeqFJAFNf2gp1FNzldjs504Lm7OmDNUVw-ukiJQZKgTdSe0lIIshALQfTZqIXeT8sDCiFtm5QrItdTlHQ_ZzjXnmnXQREYFLEe573apfGhjVsqL2XBJkpbgKqzRjUJPOJ8/w400-h296/Screen+Shot+2021-12-03+at+11.59.26+PM.png" width="400" /></a></div><br /><p style="text-align: justify;">I have had the opportunity to met new and quite interesting people, to learn a bit more about other cultures and the Islam, and even I did an interview for the Saudi Federation for Cybersecurity, Programming and drones, one of the main organizers in partnership with other entities :)</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj35UBimYmeUR0RhyphenhyphenFGzYCITuc69dO9uaEKTZQhFJx0H8SlAtS9ysmG4JHjcbIbnkR9WUVBpD1xB9osA_7B_rU-lSL19H7i67QmFFX9I3JpQYp5mNoxraKcyPmymRwd_aiGmL3gOeQRQy4/s612/Screen+Shot+2021-12-04+at+12.13.48+AM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="470" data-original-width="612" height="308" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj35UBimYmeUR0RhyphenhyphenFGzYCITuc69dO9uaEKTZQhFJx0H8SlAtS9ysmG4JHjcbIbnkR9WUVBpD1xB9osA_7B_rU-lSL19H7i67QmFFX9I3JpQYp5mNoxraKcyPmymRwd_aiGmL3gOeQRQy4/w400-h308/Screen+Shot+2021-12-04+at+12.13.48+AM.png" width="400" /></a></div><br /><p style="text-align: justify;">There is great young talent in Saudi Arabia and everyone has faith on the Saudi Vision 2030. Saudis know the importance of learning programming, soon it will be as important as learning to read and write. Part of their strategy is to create one programmer out of very 100 Saudi nationals by 2030, in addition to encouraging innovation and creativity and achieving global leadership. This was our grain of salt to support their vision. </p><p style="text-align: justify;">Thank you <a href="https://toolswatch.org">toolswatch </a>team and to all the arsenal presenters for such a great experience!</p><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEeXNO7qxNXF1rr3buNp7VqeAaKUxgiA13Zgfi7iaWIarBEzsLahLQvYzjklVHdvmozfQ9gQbwk8lbQHoxa8TH7OWYCAEC-sSOUv6WBRokxGaxxj_IhRMEVsV6xgn8Wa2KbbRPNIMMfoU/" style="margin-left: 1em; margin-right: 1em;"><img data-original-height="820" data-original-width="1189" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEeXNO7qxNXF1rr3buNp7VqeAaKUxgiA13Zgfi7iaWIarBEzsLahLQvYzjklVHdvmozfQ9gQbwk8lbQHoxa8TH7OWYCAEC-sSOUv6WBRokxGaxxj_IhRMEVsV6xgn8Wa2KbbRPNIMMfoU/w400-h276/image.png" width="400" /></a></div><br /><br /><p style="text-align: justify;">I have to say it has been an impressive experience to visit the Kingdom of Saudi Arabia and to felt the warm and kindness of their people. Hats off to the <a href="https://safcsp.org.sa/en/">organization</a> of <a href="https://athack.com/agenda?keys=&session_day=127">atHack</a>!! </p><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4mBqqYRAHosmGoijoripWNPOQBHhC0nTxkkDrXUaVtjL_Gn-KBF7qkd-u46sNA6RK6kDqrou2dd7MC_4LeLvj_tbuYaCx7yNJLCPHDVNFNWdnG7byY2cT5w1gCVqI8r-ui_otO4pn7Rw/" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="706" data-original-width="515" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4mBqqYRAHosmGoijoripWNPOQBHhC0nTxkkDrXUaVtjL_Gn-KBF7qkd-u46sNA6RK6kDqrou2dd7MC_4LeLvj_tbuYaCx7yNJLCPHDVNFNWdnG7byY2cT5w1gCVqI8r-ui_otO4pn7Rw/w292-h400/image.png" width="292" /></a></div></div><br /><p style="text-align: justify;"><br /></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-68656152942591372842021-10-29T22:52:00.001+02:002021-10-29T22:52:36.016+02:00Facebook refuses to drive scammers off its platform because it generates billions of dolars per year in revenue from Deceptive Facebook Ads<p> The title of this post is the response to this other article "<a href="http://blog.emiliocasbas.net/2017/01/facebook-does-not-worry-about-online.html">Facebook does not worry about the online counterfeiting fraud</a>".</p><p>Recently I <a href="https://www.docketalarm.com/cases/California_Northern_District_Court/4--21-cv-06186/Calise_et_al_v._Facebook_Inc/docs/1.pdf">became aware that Facebook (or Meta) has been served with a lawsuit </a>accusing it of actively soliciting and assisting scammers for its own financial gain and to users detriment. </p><p><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixOP_Z84vV58SKSwmUAKRJL5NNJDr_wsPFbvUYF7uqKyvDxJhM0gH3uHvpKtd2FYQFiXVZvNRmU5iz2ThaGDldCE_J5V9uUFwk2Ai0L5W4lnjNYAG4F_N3VZ0EtTh4BY-swJCInc3_GtI/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="589" data-original-width="966" height="390" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixOP_Z84vV58SKSwmUAKRJL5NNJDr_wsPFbvUYF7uqKyvDxJhM0gH3uHvpKtd2FYQFiXVZvNRmU5iz2ThaGDldCE_J5V9uUFwk2Ai0L5W4lnjNYAG4F_N3VZ0EtTh4BY-swJCInc3_GtI/w640-h390/image.png" width="640" /></a></p><p><br /></p><p>The whole document is worth a read for pearls like below:</p><p><i>4. Facebook has done much more than passively create and maintain a platform on
which scammers can brazenly target users with scams. According to internal Facebook
documents, and current and former Facebook employees and contractors recently interviewed by
various investigative journalists at prominent publications,4
Facebook actively solicits,
encourages, and assists scammers in numerous ways. On the revenue side, according to these
investigations, Facebook’s sales teams have presented at conferences heavily attended by known
scammers, socialized with known scammers for business development purposes, and met revenue
quotas by encouraging known scammers to continue buying Facebook ads. Facebook’s sales teams
have also been aggressively soliciting ad sales in China and providing extensive training services
and materials to China-based advertisers, despite an internal study showing that nearly thirty
percent (30%) of the ads placed by China-based advertisers — estimated to account for $2.6 billion
in 2020 ad sales alone — violated at least one of Facebook’s own ad policies.</i> </p><p><i>5. On the enforcement side, according to these investigations, Facebook has
affirmatively directed employees and contractors tasked with monitoring Facebook’s platform for
deceptive ads to (i) ignore ads placed by hacked Facebook accounts and pages, as long as Facebook
gets paid for these ads, and (ii) ignore violations of Facebook’s Ad Policies, especially by Chinabased advertisers (since Facebook “want[s] China revenue”). </i></p><p><i>6. In October 2020, the Federal Trade Commission (“FTC”) reported that about 94%
of the complaints it collected concerning online shopping fraud on social media identified
Facebook (or its Instagram site) as the source.5 </i></p><p>Let's see how this lawsuit ends up.</p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-37082841739803318382021-10-28T00:33:00.003+02:002021-10-28T10:57:34.081+02:00Fraude de inversion con altos rendimientos eliminado a traves de desenmascara.me <p>Este tipo de scam en ingles es conocido como "<a href="https://www.investor.gov/protect-your-investments/fraud/types-fraud/high-yield-investment-programs">High Yield Investment program</a>". Basicamente es un esquema ponzi online. Ahora con el tema de Crypto es uno de los mas populares, pero <a href="https://ieeexplore.ieee.org/document/6963164">lleva años en Internet. </a></p><p>Como funciona?, recientemente me llego este correo de un usuario de desenmascara.me. Veámoslo de primera mano:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjAJpkkbickmle_-1ETyeDQNGDViw0D3qrC7c9xxyk9j_LhUNah5Kb7rEbICdKKPIJ4rv6aujRkEOTUKXdXaTYvAcG8eUwFK_M4FvMatSQIXNNnZLg2GUAW95xNM_bS_QD7AlKo1UDRMo/s724/Screen+Shot+2021-10-27+at+9.40.36+PM+1.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="453" data-original-width="724" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjAJpkkbickmle_-1ETyeDQNGDViw0D3qrC7c9xxyk9j_LhUNah5Kb7rEbICdKKPIJ4rv6aujRkEOTUKXdXaTYvAcG8eUwFK_M4FvMatSQIXNNnZLg2GUAW95xNM_bS_QD7AlKo1UDRMo/w640-h400/Screen+Shot+2021-10-27+at+9.40.36+PM+1.png" width="640" /></a></div><br /><p>La web tenia esta apariencia:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJQTm_SZK83RtT1QaMKgnvBNO1kWzwuegTlMCxQ46O6Iux-lkLGTsjPcEfMVry52YrA21m8l4eK-s91BEwX_NHVcDgDd-h9suLp1eIioZYparnAAKNys_CN2HEB6iHyniY5-dmKO7pW9Y/s1394/Screen+Shot+2021-10-27+at+9.20.37+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="802" data-original-width="1394" height="368" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJQTm_SZK83RtT1QaMKgnvBNO1kWzwuegTlMCxQ46O6Iux-lkLGTsjPcEfMVry52YrA21m8l4eK-s91BEwX_NHVcDgDd-h9suLp1eIioZYparnAAKNys_CN2HEB6iHyniY5-dmKO7pW9Y/w640-h368/Screen+Shot+2021-10-27+at+9.20.37+PM.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwHZW_auw_pwOZJSEzTUmAkkrsAIG4geC53HkrD-XIhorg6kmIVztsDSKpldd67YWbNmoDCk1vDfAc3BjoM0OrkDK-ZmkOF9h0V2DCHzGcKr2ddObrIFkciBpzgsv8E4gnM1mKIVVpc2E/s1313/Screen+Shot+2021-10-27+at+9.35.52+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="570" data-original-width="1313" height="278" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwHZW_auw_pwOZJSEzTUmAkkrsAIG4geC53HkrD-XIhorg6kmIVztsDSKpldd67YWbNmoDCk1vDfAc3BjoM0OrkDK-ZmkOF9h0V2DCHzGcKr2ddObrIFkciBpzgsv8E4gnM1mKIVVpc2E/w640-h278/Screen+Shot+2021-10-27+at+9.35.52+PM.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF4Zs37tcZ1EPEbV8QCx5-qXaM5ZG34CDKF6Lh_wHz-Ds6J8qqHBX5i88xiHr6n8F_0EeDOjFuRdb-lChy8mnXjr1Y-f2E4tBTje0bL2GrdxbQgs6cDj7qLA5zFFbYQXEumHEBs0QaK5M/s1315/Screen+Shot+2021-10-27+at+9.36.02+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="721" data-original-width="1315" height="350" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF4Zs37tcZ1EPEbV8QCx5-qXaM5ZG34CDKF6Lh_wHz-Ds6J8qqHBX5i88xiHr6n8F_0EeDOjFuRdb-lChy8mnXjr1Y-f2E4tBTje0bL2GrdxbQgs6cDj7qLA5zFFbYQXEumHEBs0QaK5M/w640-h350/Screen+Shot+2021-10-27+at+9.36.02+PM.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0gd6MLRIq9ixNftGaJs0kc-ndBaVCovkyYKFdl2FzH7mCTFFfu2RCuzpU9sDqfTHqt9_Ux1mJ1vT8er9fg0pLT4uenb95nI_tdjvg-wJTEV5nAgQZEkanjbMxTVtZzcTNl4D9Gr5p1Iw/s1139/Screen+Shot+2021-10-27+at+9.17.23+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="791" data-original-width="1139" height="444" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0gd6MLRIq9ixNftGaJs0kc-ndBaVCovkyYKFdl2FzH7mCTFFfu2RCuzpU9sDqfTHqt9_Ux1mJ1vT8er9fg0pLT4uenb95nI_tdjvg-wJTEV5nAgQZEkanjbMxTVtZzcTNl4D9Gr5p1Iw/w640-h444/Screen+Shot+2021-10-27+at+9.17.23+PM.png" width="640" /></a></div><br /><p>Tras analizarla con desenmascara.me corrobore a través de metadatos que es fraudulenta. Ademas, ciertos patrones de datos de esta web se han incluido en el servicio de desenmascara.me para mejorar la detección de paginas fraudulentas con similares características.</p><p>Adicionalmente se ha incluido en VirusTotal, para avisar a la comunidad:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJEXo7GHn7hDD-BFCIRyj4SPxymZPMh4mOJzBmhrM4TEooW-k9sEIxDdnhXZ82He_JIntxr2RVWp6P4X0N5mbkNrLrrnNvloTiYfZ4wftWJX9NdxPPolojWCgahJSrtf1IhwF3tM11mAc/s1241/Screen+Shot+2021-10-27+at+9.53.15+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="605" data-original-width="1241" height="312" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJEXo7GHn7hDD-BFCIRyj4SPxymZPMh4mOJzBmhrM4TEooW-k9sEIxDdnhXZ82He_JIntxr2RVWp6P4X0N5mbkNrLrrnNvloTiYfZ4wftWJX9NdxPPolojWCgahJSrtf1IhwF3tM11mAc/w640-h312/Screen+Shot+2021-10-27+at+9.53.15+PM.png" width="640" /></a></div><br /><p>Esta web estaba activa desde hace meses:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://desenmascara.me/consulta/6cde067fac4d74f580296a02b3726f58" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="158" data-original-width="427" height="148" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZNw-YSG0NIL_yf5r-OcSqTrv3WKTUxu8ojFg-H5sO9j9OCuUXqkOuFpRlAtYQpHXVVau0eL85eD9b08FkEKQKLOTtgz4HrBLvbSHd_Sx2372Azc7XUcdhVqFCriMEBvcqRUt07x4E-us/w400-h148/Screen+Shot+2021-10-27+at+9.58.09+PM.png" width="400" /></a></div><p>El hecho de que ninguna otra compañía detecte todavía la web como fraudulenta, indica que este tipo de fraude, pese a estar en crecimiento, no es tenido en cuenta por la industria de la seguridad de la información. Ello puede ser a que este tipo de actividades fraudulentas pertenece mas al campo del crimen financiero. En este aspecto, existen buscadores, no muy amigables, todo hay que decirlo, como el que <a href="http://cnmv.es/Portal/advertenciaslistado.aspx?tipoAdv=4">proporciona la CNMV</a>. Dicha web tampoco estaba en el punto de mira de los reguladores de mercado:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9Bud-QitOaBVBdTT6wYmXe5LwJlPyVJbBNtfkIh_PbkxVVGg_d9cvAPwKw9d07cjkNeH1HrmpyVC-ynvPY9LRQ0n8wrpqiMNavd8FyJawdsCwvjVobwwlC05Dk2ltVU0YHtf2pnqNTRY/s828/cnmv.PNG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="390" data-original-width="828" height="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9Bud-QitOaBVBdTT6wYmXe5LwJlPyVJbBNtfkIh_PbkxVVGg_d9cvAPwKw9d07cjkNeH1HrmpyVC-ynvPY9LRQ0n8wrpqiMNavd8FyJawdsCwvjVobwwlC05Dk2ltVU0YHtf2pnqNTRY/w640-h302/cnmv.PNG" width="640" /></a></div><br /><p>Por ultimo, viendo el exito que tuve con la eliminacion de otra <a href="http://blog.emiliocasbas.net/2021/10/desenmascarame-ha-impedido-un-fraude.html">web fraudulenta que habia estafado mas de $25000 a 40 personas en tres dias</a>, he solicitado tambien la eliminacion de dicha web.</p><p>En menos de 2 horas ha sido eliminada:</p><p></p><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-tkzQll5VoyBDHRvbv1CyjiwWsHhhWsoMyboVVcY0Hfuwsrjv0EhAd9X91TbXXe1QzU2n5MI9k-e3zV7l3232PhtJCq9y2xi0swrXN_E6GUHsqeA8kV-EhNTGnjbIHls0SmAraALSPMU/" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="444" data-original-width="687" height="414" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-tkzQll5VoyBDHRvbv1CyjiwWsHhhWsoMyboVVcY0Hfuwsrjv0EhAd9X91TbXXe1QzU2n5MI9k-e3zV7l3232PhtJCq9y2xi0swrXN_E6GUHsqeA8kV-EhNTGnjbIHls0SmAraALSPMU/w640-h414/image.png" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div></div>Si tienes los contactos o recursos adecuados para ayudarme a desmantelar este tipo de fraudes a escala, no dudes en ponerte en contacto conmigo.<p></p><p><br /></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-23537778417142638312021-10-20T23:30:00.008+02:002021-10-21T08:33:46.573+02:00Desenmascara.me ha impedido un fraude que llevaba acumulados mas de $25.000 en tres días<p><a href="https://desenmascara.me">desenmascara.me </a>el <b>servicio online gratuito para detectar si una pagina web es fraudulenta o no a conseguido frustrar un fraude que en 3 días había estafado mas de <span style="font-size: large;">$25.000</span> a <span style="font-size: large;">40</span> personas.</b></p><p><br /></p><p>Todo empezó a través de este correo que llego a mi buzón:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTpDXn56WeJIKM2dpnqTaWZYfUdHyfRdklJ8_ySe5FMPlEaE6DY7KCQlER0rfjjA_2GX4GA6toH5L5aOZMqxsZp9xsiSsprwWdB_755C8lMkZ2rjJZe_WP_k4k1mz0Dq91nuyw3TYfO44/s286/Screen+Shot+2021-10-21+at+8.33.13+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="124" data-original-width="286" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTpDXn56WeJIKM2dpnqTaWZYfUdHyfRdklJ8_ySe5FMPlEaE6DY7KCQlER0rfjjA_2GX4GA6toH5L5aOZMqxsZp9xsiSsprwWdB_755C8lMkZ2rjJZe_WP_k4k1mz0Dq91nuyw3TYfO44/w400-h173/Screen+Shot+2021-10-21+at+8.33.13+AM.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><p>Me llegan bastantes correos de gente que tiene dudas ante gestiones online potencialmente fraudulentas o que han sido estafadas y piden consejo. Reviso mails por encima y para optimizar tiempo respondo a los que veo más interesantes y que puedan servir para mejorar el servicio de desenmascara.me. Si deseas ponerte en contacto conmigo con garantía absoluta de que te responda, puedes hacerlo a través del servicio <a href="https://www.mypublicinbox.com/ecasbas">MyPublicInbox</a>.</p><p>A dicho usuario le conteste para que me indicase a que pagina web se refería:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhASgnsZ5q7-FzqffK6Dw-8PR2i7Qy_grPWkfgo42p-2Bih4MO4maq236eh9o1LeqmOMYULROTNF9pBbgUWN1VeIuYN_Xi9UxLdYOzL9NIteM7XAiRRm8rU5G_3h16zR5PGARr0bJm15g4/s404/Screen+Shot+2021-10-20+at+10.50.19+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="240" data-original-width="404" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhASgnsZ5q7-FzqffK6Dw-8PR2i7Qy_grPWkfgo42p-2Bih4MO4maq236eh9o1LeqmOMYULROTNF9pBbgUWN1VeIuYN_Xi9UxLdYOzL9NIteM7XAiRRm8rU5G_3h16zR5PGARr0bJm15g4/w400-h238/Screen+Shot+2021-10-20+at+10.50.19+PM.png" width="400" /></a></div><p><br /></p><p>Dicho usuario me contesto sin hacer uso de muchas palabras:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUEHuX_v6Ut1hIvvLrt4A-we3lQMFWJL4o1SMAEEmxOsuSWS1Qv_bvWh5LCqdRDgjbAdEoD4TpCI9_HGar3ygulM4kIMgjd2gcPBjD2iPxIq1a_6IWCuLtdGljknT6xrXdPL2TOb13ABA/s332/Screen+Shot+2021-10-20+at+10.53.12+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="148" data-original-width="332" height="179" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUEHuX_v6Ut1hIvvLrt4A-we3lQMFWJL4o1SMAEEmxOsuSWS1Qv_bvWh5LCqdRDgjbAdEoD4TpCI9_HGar3ygulM4kIMgjd2gcPBjD2iPxIq1a_6IWCuLtdGljknT6xrXdPL2TOb13ABA/w400-h179/Screen+Shot+2021-10-20+at+10.53.12+PM.png" width="400" /></a></div><p><br /></p><p>Comprobé dicha web en desenmascara.me y a través de diversos criterios del análisis de metadatos fue clasificada como fraudulenta. Abajo se puede ver el mensaje de fraudulenta a través del uso del <a href="https://chrome.google.com/webstore/detail/desenmascarame-fake-web-v/egimhkfghkdkffalnjbkeoidpildondf">plugin de Chrome.</a></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisvvwyswrPgVENmPYQuxXfI0iVvyIL_4Bsy-Odxn1tWKWiy3aQ6JQRLvqCOBXBZ8TyfurvcFTyhuNDV-Q1jFD4Z1o5IMDN4RNWuo72XmRg60Lm9CTce7A1_oihNDE-8h6qg6bFBNYJX50/s1187/polka.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="804" data-original-width="1187" height="434" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisvvwyswrPgVENmPYQuxXfI0iVvyIL_4Bsy-Odxn1tWKWiy3aQ6JQRLvqCOBXBZ8TyfurvcFTyhuNDV-Q1jFD4Z1o5IMDN4RNWuo72XmRg60Lm9CTce7A1_oihNDE-8h6qg6bFBNYJX50/w640-h434/polka.png" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;">Dicha web fraudulenta se aprovechaba del nombre de un conocido proyecto de Blockchain (polkastarter.com). Dicha técnica se denomina <a href="https://en.wikipedia.org/wiki/Brandjacking">Brandjacking</a>. Una vez la web había sido clasificada como fraudulenta, notifique al usuario:</div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSvM2_Mmx3scgg2rcy8pw7E8MjIV6i-tJmpuyMP0eU10ki4yRaENge6edVJb8xtCiIIQNR5qgM9x9Vvejq2O2OD9DcadsaEvktrrQ29PWAd3g7gw8MKqSJ8tMK5_diRAr_v8TgPBT7E8s/s477/Screen+Shot+2021-10-20+at+11.07.32+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="263" data-original-width="477" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSvM2_Mmx3scgg2rcy8pw7E8MjIV6i-tJmpuyMP0eU10ki4yRaENge6edVJb8xtCiIIQNR5qgM9x9Vvejq2O2OD9DcadsaEvktrrQ29PWAd3g7gw8MKqSJ8tMK5_diRAr_v8TgPBT7E8s/w400-h220/Screen+Shot+2021-10-20+at+11.07.32+PM.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: left;">En este momento, también observe que la web fraudulenta estaba alojada sobre una plataforma de hosting que suele ser muy colaborativa en cuanto a la petición de eliminación de paginas fraudulentas, algo que no suele ser muy habitual por temas legales, y como no, de negocio. Así que me puse en contacto con ellos para notificarles que estaban alojando una pagina web fraudulenta. Mi sorpresa fue mayúscula cuando me respondieron a los pocos minutos indicando que dicha web había sido eliminada tras mi solicitud.</div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: left;">Así que con ese sentimiento de alegría y adrenalina que te da el trabajo bien hecho, notifique tambien al usuario que me había informado de dicha web:</div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieE-wJeQVcc1TPVy0b1kSr5swerrSDiTNcs0YrWpONqVmVJ-vXaqgjO3w6Kt93AdB8SsDEWNoenOXJRG_tX4CBIzCoOcdBvCJYq4PwlN1ucFkTTluIKOvKbq9755ZEHjbP4AZtgd7-RUA/s664/Screen+Shot+2021-10-20+at+11.13.43+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="287" data-original-width="664" height="277" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieE-wJeQVcc1TPVy0b1kSr5swerrSDiTNcs0YrWpONqVmVJ-vXaqgjO3w6Kt93AdB8SsDEWNoenOXJRG_tX4CBIzCoOcdBvCJYq4PwlN1ucFkTTluIKOvKbq9755ZEHjbP4AZtgd7-RUA/w640-h277/Screen+Shot+2021-10-20+at+11.13.43+PM.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: left;">Mi sorpresa final vino cuando dicho usuario me contesto:</div><div class="separator" style="clear: both; text-align: left;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf_o3UbCdR0M3fKm70IKPGO6cqtIAgcUeymdyL5edJuK-q-kPOvlmMBuMNq6eRkO_5mvECJu48GzeadgtUlcUl-UYYcIdLD0MHv1THmXuJ9nxRzk5VYpeVykh1jKEUuAip4Sg-J5wTKS0/s714/Screen+Shot+2021-10-20+at+11.17.15+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="179" data-original-width="714" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf_o3UbCdR0M3fKm70IKPGO6cqtIAgcUeymdyL5edJuK-q-kPOvlmMBuMNq6eRkO_5mvECJu48GzeadgtUlcUl-UYYcIdLD0MHv1THmXuJ9nxRzk5VYpeVykh1jKEUuAip4Sg-J5wTKS0/w640-h160/Screen+Shot+2021-10-20+at+11.17.15+PM.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: left;"><br /></div>Identificar a la persona titular de la web es ya asunto de las fuerzas policiales. <div>El servicio de <a href="https://desenmascara.me">desenmascara.me</a> es un recurso gratuito para ayudar a cualquier persona a saber si una pagina web es fraudulenta o no.</div><div><br /></div><div>Tengo muchas ideas en la cabeza para evitar este tipo de fraudes a escala. Pero para ello necesito los contactos adecuados en instituciones y cuerpos policiales, algo que he intentado pero sin mucho éxito todavía. No dudes en ponerte en contacto conmigo si crees que puedes ayudar. Muchas gracias.</div><div><br /><div><br /></div></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-15185281125583903052021-02-24T22:39:00.004+01:002021-03-11T23:25:35.418+01:00Rogue websites: Domain registrars have a duty to disconnect<p>This is quite a controversial topic thus this post is a placeholder for law/GDPR related articles on this topic.</p><p><br /></p><p><b>Article 1)</b></p><p><span face=""Proxima Nova", Lato, "Helvetica Neue", Helvetica, Arial, sans-serif" style="background-color: white; color: #333333; font-size: 17.402px;"><b><i></i></b></span></p><blockquote><i>"The German BGH decision confirms that domain registrars have a duty of care to disconnect domains used by websites dedicated to copyright infringement. It is interesting that the BGH did not see domain registrars as access providers, but still applied the duties of care for access providers to them. This needs to be welcomed as a clarification of open legal issues not only in Germany. That said, it would have been good if the BGH had referred some of the open EU law questions to the CJEU. We will have to wait for another day for a final decision on Union law."<span style="font-size: 17.402px;"> </span></i></blockquote><blockquote><i><a href="http://copyrightblog.kluweriplaw.com/2021/02/15/rogue-websites-domain-registrars-have-a-duty-to-disconnect-says-german-bgh/" style="background-color: transparent;">Rogue websites: Domain registrars have a duty to disconnect, says German BGH</a><span style="background-color: transparent;">. Decision available in </span><a href="https://juris.bundesgerichtshof.de/cgi-bin/rechtsprechung/document.py?Gericht=bgh&Art=en&az=I%20ZR%2013/19&nr=112397" style="background-color: transparent;">German</a><span style="background-color: transparent;">.</span></i></blockquote><p></p><p></p><div><br /></div><div><br /></div><div><br /></div><div><div class="page" title="Page 3"><div class="section"><div class="layoutArea"><div class="column"><p><b>Article 2)</b></p><p><span face=""Proxima Nova", Lato, "Helvetica Neue", Helvetica, Arial, sans-serif" style="background-color: white; color: #333333; font-size: 17.402px;"><b><i></i></b></span></p><p style="text-align: justify;"><span style="font-family: Calibri; font-size: 11pt;">The General Data Protection Regulation (GDPR) was adopted by the European Union (EU) and took full</span></p></div></div><div class="layoutArea"><div class="column"><p style="text-align: justify;"><span style="font-family: Calibri; font-size: 11pt;">effect on 25 May 2018. Which are the effects to its policy?</span></p></div></div></div></div></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCiB-YG-EckxNU1hDZqkTaX6JI6c-yhPE6SjYOR8dhvgv8p3mIlpjcG6leCUoDWmFZPqv_cEgBwcMBuRsZnX6bv3a098yiXKij0FmgQ8RDsRv0Y1-v5_u8hERN3bhrvQGxDcS_Vi7baD8/s1124/Screen+Shot+2021-03-11+at+11.22.03+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="369" data-original-width="1124" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCiB-YG-EckxNU1hDZqkTaX6JI6c-yhPE6SjYOR8dhvgv8p3mIlpjcG6leCUoDWmFZPqv_cEgBwcMBuRsZnX6bv3a098yiXKij0FmgQ8RDsRv0Y1-v5_u8hERN3bhrvQGxDcS_Vi7baD8/w640-h210/Screen+Shot+2021-03-11+at+11.22.03+PM.png" width="640" /></a></div><br /><div style="text-align: center;">Source: <span style="font-size: x-small;"><a href="http://www.interisle.net/ContactStudy2021.pdf"><span style="color: #770c0b; font-family: Palatino, "Times New Roman", Times, serif;">WHOIS Contact Data Availability and </span><span style="color: #770c0b; font-family: Palatino, "Times New Roman", Times, serif;">Registrant Classification Study</span></a></span></div><div> </div><p></p>Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-1876950682046418214.post-2268303838475526032020-08-17T23:45:00.001+02:002020-08-17T23:45:46.579+02:00Would you say this website is legitimate or FAKE?<p> With <a href="http://desenmascara.me">desenmascara.me</a> I come across the website as in the picture below:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbYlAgfapWqfux6g6Q36d_QCMD-3cbowCZCbtatWXCkCHuSRRFDaAsDxX7kRQgqp0D6fMPBq7xHTZ8DbP8WeiDBOtJWpYEeealkemrBSlYtjYfu9PsgmL_nSmZdvEaIQcFvxcXDZwa0BY/s1349/Screen+Shot+2020-08-17+at+10.23.30+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="793" data-original-width="1349" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbYlAgfapWqfux6g6Q36d_QCMD-3cbowCZCbtatWXCkCHuSRRFDaAsDxX7kRQgqp0D6fMPBq7xHTZ8DbP8WeiDBOtJWpYEeealkemrBSlYtjYfu9PsgmL_nSmZdvEaIQcFvxcXDZwa0BY/s640/Screen+Shot+2020-08-17+at+10.23.30+PM.png" width="640" /></a></div><p style="text-align: center;"><span style="font-size: small;">Fig 1: Section of the main site</span></p><p><br /></p><p>The web address is like: https://$brand-boutique-montreal.com ( I have masked the brand purposely )</p><p>The domain will expire in 73 days since today as per the 2 pictures below:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmn6bdFmufxbtkFQ4wNvJDTnj9q6xP9Soaqo5CO8YZeQh_n_5twfaEY10382AJ3qEhhFusP-Ti3sOOesTcuE5XeBYRwy1NDYuPHzopJiLANJZFIIpvtmwsA1HWW3gMhCozruSmMsuTf9U/s329/Screen+Shot+2020-08-17+at+11.36.54+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="90" data-original-width="329" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmn6bdFmufxbtkFQ4wNvJDTnj9q6xP9Soaqo5CO8YZeQh_n_5twfaEY10382AJ3qEhhFusP-Ti3sOOesTcuE5XeBYRwy1NDYuPHzopJiLANJZFIIpvtmwsA1HWW3gMhCozruSmMsuTf9U/s0/Screen+Shot+2020-08-17+at+11.36.54+PM.png" /></a></div><p style="text-align: center;"><span style="font-size: small;">Fig 2: <a href="https://research.domaintools.com">Domain tools</a> information about domain </span></p><p style="text-align: center;"><span style="font-size: small;"><br /></span></p><p style="text-align: center;"><span style="font-size: small;"><br /></span></p><p style="text-align: center;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjSpPD9rn9VeiMJt1cV1lA7TU2KKjadvGuQsTjWWq0hY_WJlTr5fBcpe0KDl_s7_4CSWo2CCksz6Ya6qyPTztL0Wwxdu9EmrFBaoJnTsJh7OoqGgaKezeMLerqALS7QB7N9W7qP8j_Wio/s343/Screen+Shot+2020-08-17+at+11.39.23+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="80" data-original-width="343" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjSpPD9rn9VeiMJt1cV1lA7TU2KKjadvGuQsTjWWq0hY_WJlTr5fBcpe0KDl_s7_4CSWo2CCksz6Ya6qyPTztL0Wwxdu9EmrFBaoJnTsJh7OoqGgaKezeMLerqALS7QB7N9W7qP8j_Wio/s0/Screen+Shot+2020-08-17+at+11.39.23+PM.png" /></a></div><span style="font-size: small;">Fig 3: Information provided by <a href="http://desenmascara.me">desenmascara.me</a> about the domain</span><p></p><p style="text-align: center;"><br /></p><p style="text-align: left;">With just the above information would you say such website is legitimate or fake?.</p><p style="text-align: left;">Hint: Nowadays it´s not so easy to differentiate FAKE websites among legitimate ones.</p><p style="text-align: center;"><span style="font-size: small;"><br /></span></p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-34299831485366139542020-08-03T22:49:00.003+02:002020-08-03T22:49:40.324+02:00FBI SEES RISE IN ONLINE SHOPPING SCAMS<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; text-align: justify; word-break: break-word; word-wrap: break-word;">
The U.S. Federal Bureau of Investigation (FBI) today <a href="https://www.ic3.gov/media/2020/200803.aspx" target="_blank">warned</a> of an increased number of reports coming from victims of online shopping scams. </div>
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; text-align: justify; word-break: break-word; word-wrap: break-word;">
This is an increasing fraud since few years ago. In 2017 I wrote the paper "<a href="https://www.sans.org/reading-room/whitepapers/detection/paper/37697" target="_blank">Tracking online counterfeiters</a>" and the above FBI alert just highlight what we already knew a while ago.</div>
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; text-align: justify; word-break: break-word; word-wrap: break-word;">
With the <a href="http://desenmascara.me/">desenmascara.me</a> service I usually receive complains of users who have been lured online. The last example, I have this email in my inbox:</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4xO1Sl54ncioRXxF3dC_bUBxunDIK-S3Q3ZaP-qEANlV8Ou3ggcwHzAwZ9ccsw53IjLqZ9KIgVUg1_YDmDkn1aevEtCBepgJgB0aEfrzRnXmRuYSX6rCRdBwXospIeAj0RonrHy1_sNo/s1600/Screen+Shot+2020-08-03+at+10.37.10+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="117" data-original-width="1162" height="64" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4xO1Sl54ncioRXxF3dC_bUBxunDIK-S3Q3ZaP-qEANlV8Ou3ggcwHzAwZ9ccsw53IjLqZ9KIgVUg1_YDmDkn1aevEtCBepgJgB0aEfrzRnXmRuYSX6rCRdBwXospIeAj0RonrHy1_sNo/s640/Screen+Shot+2020-08-03+at+10.37.10+PM.png" width="640" /></a></div>
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; word-break: break-word; word-wrap: break-word;">
<br /></div>
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; text-align: justify; word-break: break-word; word-wrap: break-word;">
Usually the tips I give to users who write me are:</div>
<div style="box-sizing: border-box; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; word-break: break-word; word-wrap: break-word;">
</div>
<ol>
<li style="text-align: justify;"><span style="color: #262626; font-family: Georgia, times new roman, Times, serif; font-size: medium;"><span style="caret-color: rgb(38, 38, 38);">Fill in a complaint into the nearest LEA office. Also i</span></span><span style="caret-color: rgb(38, 38, 38); color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: medium;">f you are <a href="https://www.ic3.gov/default.aspx" target="_blank">US based you can fill in a complain online here</a>. If you are based in <a href="https://www.europol.europa.eu/report-a-crime/report-cybercrime-online" target="_blank">Europe, you can report it here</a>.</span></li>
<li style="text-align: justify;"><span style="color: #262626; font-family: Georgia, times new roman, Times, serif; font-size: medium;"><span style="caret-color: rgb(38, 38, 38);">Before making any purchase online, verify into <a href="https://desenmascara.me/">https://desenmascara.me</a> the website you are in front of. Still in doubts, you can <a href="http://desenmascara.me/contacto/" target="_blank">just ask us</a>.</span></span></li>
</ol>
<div style="text-align: justify;">
<span style="color: #262626; font-family: Georgia, times new roman, Times, serif; font-size: medium;"><span style="caret-color: rgb(38, 38, 38);"><br /></span></span></div>
<div style="text-align: justify;">
<span style="font-family: Georgia, times new roman, Times, serif; font-size: medium;"><span style="caret-color: rgb(38, 38, 38);"><span style="color: #262626;">In the above case, when I tried to analyze the website warned by the user, I noticed that the website had just been analyzed (minutes ago) into desenmascara.me and to my surprise, it was automatically flagged as "</span><span style="color: red;"><b>Fraudulent!!</b></span></span></span><span style="caret-color: rgb(38, 38, 38); color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: medium;">"</span></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNxp6HvnbBGvG7erRo0hQK_Wi_bIS_21xGW4SzTdPa6hHVyE5QY5SiSmDdFvcNSuokIHp1KpCxv8vg2-KoedXL_H9ccZaOX9dpBvSzq0tOGAvOGijr1O708U8Ho1JmnBaccBLsj-eQN5U/s1600/Screen+Shot+2020-08-03+at+10.45.59+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="283" data-original-width="771" height="234" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNxp6HvnbBGvG7erRo0hQK_Wi_bIS_21xGW4SzTdPa6hHVyE5QY5SiSmDdFvcNSuokIHp1KpCxv8vg2-KoedXL_H9ccZaOX9dpBvSzq0tOGAvOGijr1O708U8Ho1JmnBaccBLsj-eQN5U/s640/Screen+Shot+2020-08-03+at+10.45.59+PM.png" width="640" /></a></div>
<div>
<span style="caret-color: rgb(38, 38, 38); color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: medium;"><br /></span></div>
<br />
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; text-align: justify; word-break: break-word; word-wrap: break-word;">
Therefore, my advice to anyone online, before making any purchase online, you can either try to follow all the "<a href="https://www.ic3.gov/media/2020/200803.aspx" target="_blank">FBI tips to avoid being victimized</a>" or simply just type the web address of the website into https://desenmascara.me and in a few seconds you will know whether is fraudulent or not.</div>
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; word-break: break-word; word-wrap: break-word;">
<br /></div>
<div style="box-sizing: border-box; color: #262626; font-family: Georgia, "times new roman", Times, serif; font-size: 18px; line-height: 1.4em; margin-bottom: 15px; margin-top: 15px; overflow-wrap: break-word; word-break: break-word; word-wrap: break-word;">
<br /></div>
<br class="Apple-interchange-newline" />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-77660670292459910022020-04-13T15:04:00.002+02:002020-06-08T23:20:14.249+02:00Fraudulent websites examples to lure online users <div style="text-align: justify;">
<b>COVID-19</b> crisis is driving the global growth of e-commerce sales, with millions of citizens worldwide in quarantine shopping for goods online. Online fraud has always been there, but it is specially at the current time when everyone should be fully aware. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
In order to raise some light how these fraudulent websites looks like, below you can find a small extract of real examples of fraudulent websites targeting famous brands but also common goods. All those fraudulent websites were captured and flagged with <a href="http://desenmascara.me/">desenmascara.me</a> and online tool to help you know whether a website is legitimate or not.</div>
<br />
If any good is purchased through any of those websites or any other similar, 3 things could happen:<br />
<br />
<ol>
<li><i>You will not receive any good at all.</i></li>
<li><i>You will not receive any good at all and your credit card information and personal data might be stolen</i></li>
<li><i>You will receive goods but will be fake and low quality </i></li>
</ol>
<br />
Screenshots of fraudulent websites. If you are a brand owner and would like to remove you brand from these list just let me know. This content is just to raise awareness of fraudulent websites trying to lure online users.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgT39qFL6H0HLw8aSzMNlR4OVeEVthyphenhyphenjZj_ZifV4oacqZC1EKNd-5sxUjSWVBWQOufG6t_Z7_335NHezIWZCTnBwSzEEgbGd2jm9tm7DptNVILS-DmyBvSXT98jGvHmRx3i8GEMzko1wm8/s1600/Screen+Shot+2020-04-13+at+2.48.45+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="943" data-original-width="1216" height="496" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgT39qFL6H0HLw8aSzMNlR4OVeEVthyphenhyphenjZj_ZifV4oacqZC1EKNd-5sxUjSWVBWQOufG6t_Z7_335NHezIWZCTnBwSzEEgbGd2jm9tm7DptNVILS-DmyBvSXT98jGvHmRx3i8GEMzko1wm8/s640/Screen+Shot+2020-04-13+at+2.48.45+PM.png" width="640" /></a></div>
<br />
<div>
</div>
<br />
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 1: Counterfeit-related website targeting KN95 respirators face masks</div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj670eq1Psdo0GgSW_Oj6SoyiQwm3oNMcX678Oc688HoNiVgE2m6X87qUs-GlxytDCBtPnNdeRfMzQ5LigK-33G4OVA_-7zTjQC8cxaHwzeweI8sNkEt04HoR0K1umsC104lZXyGNgIPJk/s1600/Screen+Shot+2020-02-13+at+12.35.07+AM.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="793" data-original-width="1286" height="394" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj670eq1Psdo0GgSW_Oj6SoyiQwm3oNMcX678Oc688HoNiVgE2m6X87qUs-GlxytDCBtPnNdeRfMzQ5LigK-33G4OVA_-7zTjQC8cxaHwzeweI8sNkEt04HoR0K1umsC104lZXyGNgIPJk/s640/Screen+Shot+2020-02-13+at+12.35.07+AM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 2: Counterfeit-related website targeting the <b>Adidas</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0fHSbspExmrAawFqRQA6vEXxDEJl1psVWWqqI_7xO8imic1WyB6Tp4uAiJUsNdiqx4yacVcJpMg3skA9HDoroUuOE7Zbl0eqpKTkYF00rrfAaSfbhjyJaVPrPK0p-j1aDdt8QnVEclQg/s1600/Screen+Shot+2020-04-13+at+2.37.54+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="944" data-original-width="1241" height="484" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0fHSbspExmrAawFqRQA6vEXxDEJl1psVWWqqI_7xO8imic1WyB6Tp4uAiJUsNdiqx4yacVcJpMg3skA9HDoroUuOE7Zbl0eqpKTkYF00rrfAaSfbhjyJaVPrPK0p-j1aDdt8QnVEclQg/s640/Screen+Shot+2020-04-13+at+2.37.54+PM.png" width="640" /></a></div>
<br />
<div>
</div>
<br />
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 3: Counterfeit-related website targeting <b>Agatha Ruiz de la Prada</b> brand</div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
</div>
<br />
<br />
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi37Mn_R-sgOvWIuobdFiFpt0Chk8M2fnDO-_1nidiz62DGfNYOMC5ytDxeKMda-IfYl3NlBazZZIUylsabvUJdnL9govuPuZKfeqKzwLqgDwN00ugaec4TZn1bWVZjQevy_m0bQuAlUWY/s1600/Screen+Shot+2020-02-13+at+12.31.40+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="791" data-original-width="1266" height="396" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi37Mn_R-sgOvWIuobdFiFpt0Chk8M2fnDO-_1nidiz62DGfNYOMC5ytDxeKMda-IfYl3NlBazZZIUylsabvUJdnL9govuPuZKfeqKzwLqgDwN00ugaec4TZn1bWVZjQevy_m0bQuAlUWY/s640/Screen+Shot+2020-02-13+at+12.31.40+AM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 4: Counterfeit-related website targeting the <b>Aldo</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMl5aeuRicxxublYaPfkxhAzi2Wi98qjl5MSOCdawJX2ehocVJl3He9r8wvPlHlt_3d6Ve-Oijv6bRvHKHfF4EFzOe-RFh73XUVS9lW80eaaPCqNH1BHPWnHqa2V8Kz24BJ-q0257cxMc/s1600/Screen+Shot+2020-04-13+at+12.55.23+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="884" data-original-width="1214" height="465" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMl5aeuRicxxublYaPfkxhAzi2Wi98qjl5MSOCdawJX2ehocVJl3He9r8wvPlHlt_3d6Ve-Oijv6bRvHKHfF4EFzOe-RFh73XUVS9lW80eaaPCqNH1BHPWnHqa2V8Kz24BJ-q0257cxMc/s640/Screen+Shot+2020-04-13+at+12.55.23+AM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 5: Counterfeit-related website targeting the <b>Armani</b> brand</div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh8UE6PGDRjja5YyqowNBDIX9cWn7Ui-dx3qITX9gNNEJ-QH78wHP6GDz7pHo4z-SvuKo32cRzxQSOmKoRsUUXtXIGwnXbP3iqiJ4kwTrpjWNmpxJjoDAPzQpptve38Ynv-WmR-D7DUZ0/s1600/Screen+Shot+2020-04-13+at+10.13.09+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="890" data-original-width="1252" height="454" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh8UE6PGDRjja5YyqowNBDIX9cWn7Ui-dx3qITX9gNNEJ-QH78wHP6GDz7pHo4z-SvuKo32cRzxQSOmKoRsUUXtXIGwnXbP3iqiJ4kwTrpjWNmpxJjoDAPzQpptve38Ynv-WmR-D7DUZ0/s640/Screen+Shot+2020-04-13+at+10.13.09+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 6: Counterfeit-related website targeting the <b>Asics</b> brand</div>
<div>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinmL7-qZAYKqdSGaUHLqyMW-gdW2hBi8DlwGr0MNwbjkhjQ30N3o6lCDLw9JtYTpQpd-I87n9yj4CvKYb8DnUjVxGQ-8PHX7BroDw-hm1MkeuutEJfFKPLN6I0c7OU1zTF00C1nQTap_s/s1600/Screen+Shot+2020-05-31+at+12.03.44+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="818" data-original-width="1211" height="432" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinmL7-qZAYKqdSGaUHLqyMW-gdW2hBi8DlwGr0MNwbjkhjQ30N3o6lCDLw9JtYTpQpd-I87n9yj4CvKYb8DnUjVxGQ-8PHX7BroDw-hm1MkeuutEJfFKPLN6I0c7OU1zTF00C1nQTap_s/s640/Screen+Shot+2020-05-31+at+12.03.44+AM.png" width="640" /></a></div>
<br />
<div>
</div>
<br />
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 6: Counterfeit-related website targeting the <b>Calvin Klein</b> brand</div>
</div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7-US6_Je-FyMdoSeVhRXUHmp_AZ3isp69KcXkoBugjPlRmeJkxA7NPH5WZzyrfLc7S1LlXNDjrWsQ3cu4igmiIbV4xHLXcT2AGcgESqM5XP2IthogWWwfZghlE_L2fBn7FDC_eYT4k7I/s1600/Screen+Shot+2020-02-24+at+8.01.46+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="752" data-original-width="1435" height="334" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7-US6_Je-FyMdoSeVhRXUHmp_AZ3isp69KcXkoBugjPlRmeJkxA7NPH5WZzyrfLc7S1LlXNDjrWsQ3cu4igmiIbV4xHLXcT2AGcgESqM5XP2IthogWWwfZghlE_L2fBn7FDC_eYT4k7I/s640/Screen+Shot+2020-02-24+at+8.01.46+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 7: Counterfeit-related website targeting the <b>CAT</b> brand</div>
</div>
<div>
<br /></div>
<br />
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyOFAqcjO8rtzHAIt-cllSK-oa2MGkpkCTRalMHJilkYZDfXDIdQdnovV8o3HrXT4bmzLypUgPY2dZPT6QbvJ9MtdPnWOS5e0eEQJf4GJAj5wYqIrvWltXkZoPIrMn7Rs2_e8EajVF-8E/s1600/Screen+Shot+2020-02-03+at+10.42.07+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="788" data-original-width="1421" height="354" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyOFAqcjO8rtzHAIt-cllSK-oa2MGkpkCTRalMHJilkYZDfXDIdQdnovV8o3HrXT4bmzLypUgPY2dZPT6QbvJ9MtdPnWOS5e0eEQJf4GJAj5wYqIrvWltXkZoPIrMn7Rs2_e8EajVF-8E/s640/Screen+Shot+2020-02-03+at+10.42.07+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 8: Counterfeit-related website targeting the <b>Clarks</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVZH2OPAtTQ_AoUpyZN9n8L6Hc4NkAlpizMxu1xKO5Ikp2FrvMdVYE5lsQ7_Yb9Uq4AL9Oi6nQj5hLht-TDX649NWxz5P-xSV_xLBocgrZK6xiKnX5IcQafUBM4aC0xwjTVRpvjn9n0mw/s1600/Screen+Shot+2020-04-13+at+1.13.23+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="934" data-original-width="1256" height="473" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVZH2OPAtTQ_AoUpyZN9n8L6Hc4NkAlpizMxu1xKO5Ikp2FrvMdVYE5lsQ7_Yb9Uq4AL9Oi6nQj5hLht-TDX649NWxz5P-xSV_xLBocgrZK6xiKnX5IcQafUBM4aC0xwjTVRpvjn9n0mw/s640/Screen+Shot+2020-04-13+at+1.13.23+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 9: Counterfeit-related website targeting the <b>Converse</b> brand</div>
</div>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimjSqJSQGQWi61YypwmzQCA2NDf76O4DcNzguJaZ8oNinzVXYZFtB6SK8IrKfrcxFA7DV67VEojI9zdslK7w5Wwtguk3jYvIVcWq_ceoFikJOBdHGxgLNQj0mLIJevGt9wEkbU9HbUOLo/s1600/Screen+Shot+2020-06-08+at+11.18.47+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="769" data-original-width="1424" height="344" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimjSqJSQGQWi61YypwmzQCA2NDf76O4DcNzguJaZ8oNinzVXYZFtB6SK8IrKfrcxFA7DV67VEojI9zdslK7w5Wwtguk3jYvIVcWq_ceoFikJOBdHGxgLNQj0mLIJevGt9wEkbU9HbUOLo/s640/Screen+Shot+2020-06-08+at+11.18.47+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 10: Counterfeit-related website targeting the <b>Desigual</b> brand</div>
</div>
<div>
<br /></div>
<div>
</div>
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7kaP_T81jmWHt-MlOfxZqRobfDCZzCUwURU01EAClUzk2IJqEphLZhr3UmU_J-IHX1gR9rnrcpR_VAylC-cnfxNKSIXTeLuhCu1bWOvSCv825rjWYJlBXF1EWyeJv8yaBTdag3hl3T4c/s1600/Screen+Shot+2020-04-13+at+10.16.24+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="936" data-original-width="1239" height="482" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7kaP_T81jmWHt-MlOfxZqRobfDCZzCUwURU01EAClUzk2IJqEphLZhr3UmU_J-IHX1gR9rnrcpR_VAylC-cnfxNKSIXTeLuhCu1bWOvSCv825rjWYJlBXF1EWyeJv8yaBTdag3hl3T4c/s640/Screen+Shot+2020-04-13+at+10.16.24+AM.png" width="640" /></a></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
Fig 10: Counterfeit-related website targeting the <b>Dr Martens</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPPLk7BOjbB3NNS-hQ2PpwMNMR3bgBd82zvzzVUTwYeELY9IO7li1mU4pcu7P-1JxWT5G7A3VcSEVG0u5y86aLd6OmLUy5mj0aEXn2UclFAqsAKxW83ae1Jo-mS15WxFuupI85iMvnj7s/s1600/Screen+Shot+2020-02-03+at+11.08.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="772" data-original-width="1287" height="382" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPPLk7BOjbB3NNS-hQ2PpwMNMR3bgBd82zvzzVUTwYeELY9IO7li1mU4pcu7P-1JxWT5G7A3VcSEVG0u5y86aLd6OmLUy5mj0aEXn2UclFAqsAKxW83ae1Jo-mS15WxFuupI85iMvnj7s/s640/Screen+Shot+2020-02-03+at+11.08.42+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 11: Counterfeit-related website targeting the <b>ecco</b> brand among others</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1-FkAVmBEIuN771kLytyxHlETnZuN0d3ZDyTNqS2noMQLDxO-FHUIAxzedd4pFGQ5heoe6p38fN8j0BKqWUeakHRFJQIAuIf0JXQDDC1pdAMhkYo_Mv3KKIDpHr8TEfBvl7ZgmZBOkfQ/s1600/Screen+Shot+2020-04-13+at+10.37.08+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="878" data-original-width="1258" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1-FkAVmBEIuN771kLytyxHlETnZuN0d3ZDyTNqS2noMQLDxO-FHUIAxzedd4pFGQ5heoe6p38fN8j0BKqWUeakHRFJQIAuIf0JXQDDC1pdAMhkYo_Mv3KKIDpHr8TEfBvl7ZgmZBOkfQ/s640/Screen+Shot+2020-04-13+at+10.37.08+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 12: Counterfeit-related website targeting the <b>Giuseppe Zanotti</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKUKeef9XMV8z-cjKdwdd3BxxoA5F7zn25LFNr7AkGOsD1s6DzkXWb3S-mFl1K6BNdJ1ULNzqNqgYTW_MNmb4Km2PRZkEqeV4PWvTt1d8WIDPHxnDvPUzEtBmiViUvcrtO-_GZS_ahD5U/s1600/Screen+Shot+2020-04-13+at+10.36.06+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="934" data-original-width="1257" height="474" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKUKeef9XMV8z-cjKdwdd3BxxoA5F7zn25LFNr7AkGOsD1s6DzkXWb3S-mFl1K6BNdJ1ULNzqNqgYTW_MNmb4Km2PRZkEqeV4PWvTt1d8WIDPHxnDvPUzEtBmiViUvcrtO-_GZS_ahD5U/s640/Screen+Shot+2020-04-13+at+10.36.06+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 13: Counterfeit-related website targeting the <b>Golden Goose</b> brand </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGBGDxj7Iwzb40dmJaAR-PVMNiMHeZYf8S2KoM4C7WtvOC7wCROkixaCkcqYFT2MTwsoNrUArLeAzt1LOiOjpfCW1T2XpYsh-rLu4GOJqa69lOVmU0LUez62QlLCj88bLpKcLFjFltYRw/s1600/Screen+Shot+2020-02-03+at+11.09.20+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="752" data-original-width="1331" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGBGDxj7Iwzb40dmJaAR-PVMNiMHeZYf8S2KoM4C7WtvOC7wCROkixaCkcqYFT2MTwsoNrUArLeAzt1LOiOjpfCW1T2XpYsh-rLu4GOJqa69lOVmU0LUez62QlLCj88bLpKcLFjFltYRw/s640/Screen+Shot+2020-02-03+at+11.09.20+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 14: Counterfeit-related website targeting the <b>Hogan</b> brand among others</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAGmIv2JTZYX8BJYM5Sr-BRcYYW8ZifRLKUx9vvEW1eDCbrGe227MhJ227xMkxhXudyoIxQ3VK158xu_6tLzt2rKM1LmR-sMR7FFvLRsXlR816Xt8rnwbeWxYmP-TY2vrUuAex4-qRg0Y/s1600/Screen+Shot+2020-01-31+at+11.40.48+PM.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="832" data-original-width="1417" height="372" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAGmIv2JTZYX8BJYM5Sr-BRcYYW8ZifRLKUx9vvEW1eDCbrGe227MhJ227xMkxhXudyoIxQ3VK158xu_6tLzt2rKM1LmR-sMR7FFvLRsXlR816Xt8rnwbeWxYmP-TY2vrUuAex4-qRg0Y/s640/Screen+Shot+2020-01-31+at+11.40.48+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 15: Counterfeit-related website targeting the <b>Hugo Boss</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5yOsbiHBdkJR232lVwYyjNJhBj4vmv5HYRB4twDbRjikGXmXtDrBFvbVE9lpfpGLadiTE9eG13FS8KvxhcRnCwgiqop14SflomZN8LnhtU6jE-kRI81EiDXAlgsq672ePaBGN9ctKPXY/s1600/Screen+Shot+2020-04-13+at+2.43.26+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="954" data-original-width="751" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5yOsbiHBdkJR232lVwYyjNJhBj4vmv5HYRB4twDbRjikGXmXtDrBFvbVE9lpfpGLadiTE9eG13FS8KvxhcRnCwgiqop14SflomZN8LnhtU6jE-kRI81EiDXAlgsq672ePaBGN9ctKPXY/s640/Screen+Shot+2020-04-13+at+2.43.26+PM.png" width="502" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 16: Counterfeit-related website targeting the <b>Hunter</b> brand</div>
<div>
<br />
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBcvM4VwbPxb0-fisGp48hOuiwwCU47avt_DmI1aFIuY8kuwJyZRoribO4f4du7vFeQ0opVWh6CQULF5PoZUeH1Cb7GLcxYX6aU32kI66bVQINER7VLRshZWbnAi4laEz6L57x58QhTfQ/s1600/Screen+Shot+2020-02-03+at+11.20.03+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="746" data-original-width="1439" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBcvM4VwbPxb0-fisGp48hOuiwwCU47avt_DmI1aFIuY8kuwJyZRoribO4f4du7vFeQ0opVWh6CQULF5PoZUeH1Cb7GLcxYX6aU32kI66bVQINER7VLRshZWbnAi4laEz6L57x58QhTfQ/s640/Screen+Shot+2020-02-03+at+11.20.03+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 17: Counterfeit-related website targeting the <b>Kipling</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrqqLImKjttz77WQQW7uyrHjzbnpHYvzVphJObJC-gj415yvHh57VyJ_eE8wDctldGZCYhrm2ZMmubgCuHrIR4jIAyKPB_LflY0Cm3qcqDBKvVRCLVDL8rjXcsBXFA0kq_KqNzugPjjHw/s1600/Screen+Shot+2020-02-16+at+6.29.48+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="834" data-original-width="1174" height="454" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrqqLImKjttz77WQQW7uyrHjzbnpHYvzVphJObJC-gj415yvHh57VyJ_eE8wDctldGZCYhrm2ZMmubgCuHrIR4jIAyKPB_LflY0Cm3qcqDBKvVRCLVDL8rjXcsBXFA0kq_KqNzugPjjHw/s640/Screen+Shot+2020-02-16+at+6.29.48+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 18: Counterfeit-related website targeting the <b>Moncler</b> brand</div>
<div>
<br />
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgohxS4az6NAgmS5sx5JZ43GSH0taHqNb1dNhOtkavInZOZH350yNY9843cC_BZ7ECsSOvjDkjD0kDYvDgn_aUbODhZ3r9eUzKBfc-YwsNN-qt1Ts-Mj9iZR9jFoe_iePZbjhirwhqsCPM/s1600/Screen+Shot+2020-02-03+at+11.20.41+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="770" data-original-width="1425" height="344" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgohxS4az6NAgmS5sx5JZ43GSH0taHqNb1dNhOtkavInZOZH350yNY9843cC_BZ7ECsSOvjDkjD0kDYvDgn_aUbODhZ3r9eUzKBfc-YwsNN-qt1Ts-Mj9iZR9jFoe_iePZbjhirwhqsCPM/s640/Screen+Shot+2020-02-03+at+11.20.41+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 19: Counterfeit-related website targeting the <b>New Balance</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI8YkwC5avsPoildpbfP9ffPym8-9-2DCKcenCGYyX0mIoL556AHlzAdOXfwNQcbIOt3jyo1OLObQ3yL9RfpTHe9uxLss9uf3HcIAMoD4XIjq2ffPfAhlrMYXOtgxRn5d0rv4TWEcwPx4/s1600/Screen+Shot+2020-04-13+at+2.40.24+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="945" data-original-width="1213" height="498" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI8YkwC5avsPoildpbfP9ffPym8-9-2DCKcenCGYyX0mIoL556AHlzAdOXfwNQcbIOt3jyo1OLObQ3yL9RfpTHe9uxLss9uf3HcIAMoD4XIjq2ffPfAhlrMYXOtgxRn5d0rv4TWEcwPx4/s640/Screen+Shot+2020-04-13+at+2.40.24+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 20: Counterfeit-related website targeting the <b>Pandora</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj155hSdYHKN0OPkOuS_ym729pk-KKQHEUCoMwiDY_L9u3PkhkyUh9gIE9mySeVOmqHKAuRWXTHJnz7dQHIyEeb1AgYxBe21wCYhEPtoFPE5VMz9xn7qM6XYbey2b-nhNn1Lc2T1zGcHtU/s1600/Screen+Shot+2020-04-13+at+2.42.39+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="948" data-original-width="1247" height="486" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj155hSdYHKN0OPkOuS_ym729pk-KKQHEUCoMwiDY_L9u3PkhkyUh9gIE9mySeVOmqHKAuRWXTHJnz7dQHIyEeb1AgYxBe21wCYhEPtoFPE5VMz9xn7qM6XYbey2b-nhNn1Lc2T1zGcHtU/s640/Screen+Shot+2020-04-13+at+2.42.39+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 21: Counterfeit-related website targeting the <b>Pepe Jeans</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgl_RCF9IL5m-ofeHTGA39T7UuglEmNAxfUNoPw2erpgz952Dg81UmXrHNGGQKUCmSlbedaUMvxmOrNcdp8q2Sbvd6sZgk75tUBMoiEBLujK080LqQ3H0ntod6duiwtpZr2DKWYNZy-1OE/s1600/Screen+Shot+2020-02-13+at+8.25.39+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="799" data-original-width="1255" height="406" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgl_RCF9IL5m-ofeHTGA39T7UuglEmNAxfUNoPw2erpgz952Dg81UmXrHNGGQKUCmSlbedaUMvxmOrNcdp8q2Sbvd6sZgk75tUBMoiEBLujK080LqQ3H0ntod6duiwtpZr2DKWYNZy-1OE/s640/Screen+Shot+2020-02-13+at+8.25.39+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 22: Counterfeit-related website targeting the <b>Petzl</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVVxvI6qltKy1JgZKfb6L_KDRWA9X3Vyaz8OOFr7hO4dOt_obmbl3qvjWSkBld3tfYH8G3IB30BUPUpQOGWBLxysYIh_Yrvx4oDZy8fwc1Z2-dH4MmwRD_Un5wPx5spwF5ekcMYe4suso/s1600/Screen+Shot+2020-04-13+at+2.44.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="872" data-original-width="1212" height="460" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVVxvI6qltKy1JgZKfb6L_KDRWA9X3Vyaz8OOFr7hO4dOt_obmbl3qvjWSkBld3tfYH8G3IB30BUPUpQOGWBLxysYIh_Yrvx4oDZy8fwc1Z2-dH4MmwRD_Un5wPx5spwF5ekcMYe4suso/s640/Screen+Shot+2020-04-13+at+2.44.55+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 23: Counterfeit-related website targeting the <b>Reebok</b> brand</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNoU92tZsHhthWIxzuJvDWo6Mmc-C9NM_bdj8la_OkwxeXRSCTGrbijOTC-qMOzHFnuPebmnBbKnrVDp6ZXwX4RNnUNlRBh4Y9K2_ktHPyZ8ErrsdMCdIXOnl27n3Lo6MBAYmDTT0cZyU/s1600/Screen+Shot+2020-02-16+at+10.10.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="799" data-original-width="1408" height="362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNoU92tZsHhthWIxzuJvDWo6Mmc-C9NM_bdj8la_OkwxeXRSCTGrbijOTC-qMOzHFnuPebmnBbKnrVDp6ZXwX4RNnUNlRBh4Y9K2_ktHPyZ8ErrsdMCdIXOnl27n3Lo6MBAYmDTT0cZyU/s640/Screen+Shot+2020-02-16+at+10.10.55+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 24: Counterfeit-related website targeting the <b>Saucony</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxyovAxEbFQG8xuF25l5aBVVLnKQ-ASxcdChrJ3VJHDGGqyZ8pUdZKyT_zVUTY09eKXCfKaYVs2X22kXAJtWlX9qRQ99fPLiKI1w2NpNU4ec9rVrVcIOWDgNknxwk8kk7ruRhg4ThnStc/s1600/Screen+Shot+2020-04-13+at+1.10.31+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="913" data-original-width="1254" height="464" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxyovAxEbFQG8xuF25l5aBVVLnKQ-ASxcdChrJ3VJHDGGqyZ8pUdZKyT_zVUTY09eKXCfKaYVs2X22kXAJtWlX9qRQ99fPLiKI1w2NpNU4ec9rVrVcIOWDgNknxwk8kk7ruRhg4ThnStc/s640/Screen+Shot+2020-04-13+at+1.10.31+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 25: Counterfeit-related website targeting the <b>Skechers</b> brand</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNtHXo565vTcYpQcgSVy1aU6IfJlHaozs8qCh-eaYvWh98VUqwbd86JhzsE6KdUpJ8S5gav3umg__UnyZPFSvTdVbNoO26bJx4DDhH55B4bG6VXicpZdOCFjrSlJuiXLIXZesNF96sp8Y/s1600/Screen+Shot+2020-04-13+at+1.14.17+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="952" data-original-width="1236" height="492" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNtHXo565vTcYpQcgSVy1aU6IfJlHaozs8qCh-eaYvWh98VUqwbd86JhzsE6KdUpJ8S5gav3umg__UnyZPFSvTdVbNoO26bJx4DDhH55B4bG6VXicpZdOCFjrSlJuiXLIXZesNF96sp8Y/s640/Screen+Shot+2020-04-13+at+1.14.17+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 26: Counterfeit-related website targeting the <b>Supreme</b> brand</div>
</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdFrIRfYBUUGSHzqQ_4R2xlJJJcV562zzzg92W51971itJetDkHwrDnNYgqmywSrGdnYkwWN1Sp1qS4pmOzdTwWiFZkpTxlJkhsP7YQM47iyucDRR50T51KTyYXkHS8Y46c7jP4VuPD-E/s1600/Screen+Shot+2020-04-13+at+1.06.50+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="904" data-original-width="1238" height="466" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdFrIRfYBUUGSHzqQ_4R2xlJJJcV562zzzg92W51971itJetDkHwrDnNYgqmywSrGdnYkwWN1Sp1qS4pmOzdTwWiFZkpTxlJkhsP7YQM47iyucDRR50T51KTyYXkHS8Y46c7jP4VuPD-E/s640/Screen+Shot+2020-04-13+at+1.06.50+AM.png" width="640" /></a></div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 27: Counterfeit-related website targeting the <b>Timberland</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiycl2xk0zR88DMrKSF1NEpS9W3Lrtr8uhSCRDEx1WPZYLeL2VEokxlrPhFY6zJxcloqiBI4ttMueE1DKYHggE8EObH3ht8w_ZqhlGtS_Kk0kMCOOEEmqtvXKfHe0wIENxUs9mQgZDV400/s1600/Screen+Shot+2020-04-13+at+2.36.39+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="950" data-original-width="1267" height="478" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiycl2xk0zR88DMrKSF1NEpS9W3Lrtr8uhSCRDEx1WPZYLeL2VEokxlrPhFY6zJxcloqiBI4ttMueE1DKYHggE8EObH3ht8w_ZqhlGtS_Kk0kMCOOEEmqtvXKfHe0wIENxUs9mQgZDV400/s640/Screen+Shot+2020-04-13+at+2.36.39+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 28: Counterfeit-related website targeting the <b>Tommy Hilfiger</b> brand</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dSLwaRrD0FYBi1P_-am2HNQlpbigjzs5vsQphnZL35gKBox7U1EAKlTnKp14b2emXZZY09ZZgDE9GMn5egNwUDgQDOhVbvLAeaErNuXBLZRZQqWWIv4gtCNVIHaCvuYo6viw5AWYUsQ/s1600/Screen+Shot+2020-04-13+at+1.04.43+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="896" data-original-width="1257" height="454" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6dSLwaRrD0FYBi1P_-am2HNQlpbigjzs5vsQphnZL35gKBox7U1EAKlTnKp14b2emXZZY09ZZgDE9GMn5egNwUDgQDOhVbvLAeaErNuXBLZRZQqWWIv4gtCNVIHaCvuYo6viw5AWYUsQ/s640/Screen+Shot+2020-04-13+at+1.04.43+AM.png" width="640" /></a></div>
<br />
<div>
<div class="" style="clear: both; text-align: center;">
Fig 29: Counterfeit-related website targeting the <b>UGG</b> brand</div>
<div class="" style="clear: both; text-align: center;">
<br /></div>
<div class="" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQT2dZMoPPAeDdjgKmeZRvWEd-ChDV-v2R-0L-6pvkDtAFXoI0ICKYT0hhDQFoM-M1BonWc1B_-rCBN8th1PEGDtufSKQEAKW6a-HAZeJxGAk52EdcyGuHaNTChFczUAAVvMuGSI9MZ6Y/s1600/Screen+Shot+2020-04-13+at+12.59.44+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="888" data-original-width="1112" height="510" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQT2dZMoPPAeDdjgKmeZRvWEd-ChDV-v2R-0L-6pvkDtAFXoI0ICKYT0hhDQFoM-M1BonWc1B_-rCBN8th1PEGDtufSKQEAKW6a-HAZeJxGAk52EdcyGuHaNTChFczUAAVvMuGSI9MZ6Y/s640/Screen+Shot+2020-04-13+at+12.59.44+AM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 30: Counterfeit-related website targeting the <b>Under Armour</b> brand</div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZC00tFHCXPriiCIq7Si_CWrsNp8S5DPjFbyvgQR0_wzwwMQ1bBbwMs-M3q-X-7ba-zvHAbMjTxONaCl-RNYA5vvX-UZQ4_PEqYssFS_5lRgng8PpnyTHgqPTK4qCppkFEKglqS9XfFmA/s1600/Screen+Shot+2020-02-18+at+10.38.32+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="778" data-original-width="1405" height="354" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZC00tFHCXPriiCIq7Si_CWrsNp8S5DPjFbyvgQR0_wzwwMQ1bBbwMs-M3q-X-7ba-zvHAbMjTxONaCl-RNYA5vvX-UZQ4_PEqYssFS_5lRgng8PpnyTHgqPTK4qCppkFEKglqS9XfFmA/s640/Screen+Shot+2020-02-18+at+10.38.32+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 31: Counterfeit-related website targeting the <b>Vans</b> brand</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipj1mpYqLW-3nno4Qmv64HvAM0-mydZVnToPfWQm-61QdPZlQIrrfv6EGjYIDR8E3K4PAaZin41KBSQESQZ5BjAJieWws5ZhX46raNT3kq1j6TTF764eULHmiGQLEDbHrJ3u0VPomktL0/s1600/Screen+Shot+2020-04-13+at+2.45.52+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="916" data-original-width="1216" height="482" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipj1mpYqLW-3nno4Qmv64HvAM0-mydZVnToPfWQm-61QdPZlQIrrfv6EGjYIDR8E3K4PAaZin41KBSQESQZ5BjAJieWws5ZhX46raNT3kq1j6TTF764eULHmiGQLEDbHrJ3u0VPomktL0/s640/Screen+Shot+2020-04-13+at+2.45.52+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 32: Counterfeit-related website targeting the <b>Vibram</b> brand</div>
</div>
<div>
<br />
<br /></div>
<div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZqQGJ1HdbBgJI6rt-dX4HlH8cUQQxIqENcQHZDcX5VLZA6RspaMFSvmcFTT5cSwupzlb0V3GUQjj0cvOP2lzFukfbfkK-wb489_CKCSsHWO6p3PmiMIkatd9x6iOyPXLjydiKN1MCfBw/s1600/Screen+Shot+2020-04-13+at+2.34.15+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="955" data-original-width="1236" height="494" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZqQGJ1HdbBgJI6rt-dX4HlH8cUQQxIqENcQHZDcX5VLZA6RspaMFSvmcFTT5cSwupzlb0V3GUQjj0cvOP2lzFukfbfkK-wb489_CKCSsHWO6p3PmiMIkatd9x6iOyPXLjydiKN1MCfBw/s640/Screen+Shot+2020-04-13+at+2.34.15+PM.png" width="640" /></a></div>
<div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
Fig 33: Counterfeit-related website targeting the <b>Football </b>brands</div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; margin: 0px; text-align: center;">
<br /></div>
</div>
</div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxX6sLjT5tq5Lb81A2OCHVUByF2hJwNDa_T9ar3oH0iuDzWRuJ039kzdnz5gojfq06vpCdEbb7HjngBKzcOuF2EojZPE-1XndSdrNqqiNPmpNaUGirJGVdbABC-NVvaKBLKrIZLPPMJTQ/s1600/Screen+Shot+2020-04-13+at+10.28.12+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="943" data-original-width="1180" height="510" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxX6sLjT5tq5Lb81A2OCHVUByF2hJwNDa_T9ar3oH0iuDzWRuJ039kzdnz5gojfq06vpCdEbb7HjngBKzcOuF2EojZPE-1XndSdrNqqiNPmpNaUGirJGVdbABC-NVvaKBLKrIZLPPMJTQ/s640/Screen+Shot+2020-04-13+at+10.28.12+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 34: Counterfeit-related website targeting several toys brands</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMmt3u5CR60ujke4QuuQyvJyOsaP2DsWciZ41V6Eh7UW4UxaHULaV92TzLLDcx5pXT-26AfuV75csj5qrulvNc7lugElSp-sfNFcfRTL1upI64tRt_F0gnuejWl9gDiKgWeaYKnYKeUxk/s1600/Screen+Shot+2020-04-13+at+10.31.08+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="949" data-original-width="927" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMmt3u5CR60ujke4QuuQyvJyOsaP2DsWciZ41V6Eh7UW4UxaHULaV92TzLLDcx5pXT-26AfuV75csj5qrulvNc7lugElSp-sfNFcfRTL1upI64tRt_F0gnuejWl9gDiKgWeaYKnYKeUxk/s640/Screen+Shot+2020-04-13+at+10.31.08+AM.png" width="624" /></a></div>
<br /></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 35: Counterfeit-related website targeting several Sun Glasses brands</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiISRijM6YVaBV4i593VO7nReLTPeHJp0GyQJduIuCdTGe0PIlApl_riQQ7rJ5YlKdsEr0k9-RsnjQBvyG7WStXbff0rQYJNo24K6DsF4wMTdmQH3XSdCbYaVKMnHdo_PJzbs7SKXBQQZA/s1600/Screen+Shot+2020-04-13+at+10.33.47+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="944" data-original-width="1192" height="506" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiISRijM6YVaBV4i593VO7nReLTPeHJp0GyQJduIuCdTGe0PIlApl_riQQ7rJ5YlKdsEr0k9-RsnjQBvyG7WStXbff0rQYJNo24K6DsF4wMTdmQH3XSdCbYaVKMnHdo_PJzbs7SKXBQQZA/s640/Screen+Shot+2020-04-13+at+10.33.47+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
Fig 36: Counterfeit-related website targeting bathroom goods brands</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm4eeVYW7WJoyjZrNAMEOvSZZpYACy0o4YsCWy8s7wu83acOSFqN3wxMH9FynaPtfyvHtVqMutLsBMuSdRiyty1XJjND7ijPKzhpDHt9CVBBq6I1m6lFAQEvWhWq5tMUhfSJ4EICzNorI/s1600/Screen+Shot+2020-04-13+at+1.08.29+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="927" data-original-width="1048" height="566" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm4eeVYW7WJoyjZrNAMEOvSZZpYACy0o4YsCWy8s7wu83acOSFqN3wxMH9FynaPtfyvHtVqMutLsBMuSdRiyty1XJjND7ijPKzhpDHt9CVBBq6I1m6lFAQEvWhWq5tMUhfSJ4EICzNorI/s640/Screen+Shot+2020-04-13+at+1.08.29+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
Fig 37: Counterfeit-related website targeting kitcheen goods brands</div>
<div>
<br /></div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-5906053378324336512020-01-29T00:12:00.002+01:002020-01-29T00:12:17.836+01:00Counterfeit finally posing as a national security threat for US<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipCyh_NB8Rgf8K3drsfVZFguJ03q8qigaDX3qUIkNcZNc8nSIe_3PLYFM3Q570VWj_D9cC_WYoPmAV6_V00yCO1A6C2His6LjVp-0MkTlQGSTcKj1hI30qs9MBEx9kZHGA4tp5WcF1stc/s1600/Screen+Shot+2020-01-28+at+11.31.25+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="486" data-original-width="478" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipCyh_NB8Rgf8K3drsfVZFguJ03q8qigaDX3qUIkNcZNc8nSIe_3PLYFM3Q570VWj_D9cC_WYoPmAV6_V00yCO1A6C2His6LjVp-0MkTlQGSTcKj1hI30qs9MBEx9kZHGA4tp5WcF1stc/s400/Screen+Shot+2020-01-28+at+11.31.25+PM.png" width="392" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://twitter.com/DHSgov/status/1221234711529508864" target="_blank">Tweet from Homeland security</a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
The U.S. Department of Homeland Security´s Office of Strategy, Policy, and Plans on Friday released a 54-page report to the president on "<a href="https://www.dhs.gov/sites/default/files/publications/20_0124_plcy_counterfeit-pirated-goods-report_01.pdf" target="_blank">Combating Trafficking in Counterfeit and Pirated Goods</a>", promising to strengthen scrutiny, enforcement and punishment to tackle what it calls a rising problem in e-commerce.</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
We´ve been warning about this fraud long time ago, even before of publishing the SANS paper "<a href="https://www.sans.org/reading-room/whitepapers/detection/paper/37697" target="_blank">Tracking online counterfeiters</a>". <a href="http://desenmascara.me/">Desenmascara.me</a> is our online service to help both: consumers and brands against this illicit business plaging Internet. Finally it seems this illicit business will have the attention required. As we said in Spanish: "<i>Nunca es tarde si la dicha es buena</i>".</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
The report contain metrics about the problem whose many of them are extracted from a <a href="http://blog.emiliocasbas.net/2019/09/how-easy-google-product-is-being-misuse.html" target="_blank">OECD report I had already pointed out</a> months ago. Nothing new about the landscape of the counterfeiting trafficking landscape and some key problems identified. In contrast, the interesting part of this report is the section 7. Immediate Action by DHS and Recommendations for the USG:</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFYsaGf6qy85kHicDNpK73b5deB4UQjLeWx_26Vyr9ThXWYQ8BPRkuthwH6pLJb1TvOmu4Z8KlMlqE9qbHJ952Q1S58iqo8UmWZHIJt5-i2wdXKEf6VNnMLQVrh9iYxqw0Ein6LjJqqvs/s1600/Screen+Shot+2020-01-29+at+12.05.49+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="189" data-original-width="1091" height="110" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFYsaGf6qy85kHicDNpK73b5deB4UQjLeWx_26Vyr9ThXWYQ8BPRkuthwH6pLJb1TvOmu4Z8KlMlqE9qbHJ952Q1S58iqo8UmWZHIJt5-i2wdXKEf6VNnMLQVrh9iYxqw0Ein6LjJqqvs/s640/Screen+Shot+2020-01-29+at+12.05.49+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7CTlAGAXY2zsN5a6o9N9O-r0G1W_hst2425BlEgzTNhXZnyP9JtLvzn164LtwFNBOXy4Dg82N5WJgDTGRvA2g51X2OPaaxknkzFLY4cLSWZggWb1RpccBdhFJcyJUnV1e3S_jGeNoDpI/s1600/Screen+Shot+2020-01-29+at+12.07.31+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="267" data-original-width="1093" height="156" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7CTlAGAXY2zsN5a6o9N9O-r0G1W_hst2425BlEgzTNhXZnyP9JtLvzn164LtwFNBOXy4Dg82N5WJgDTGRvA2g51X2OPaaxknkzFLY4cLSWZggWb1RpccBdhFJcyJUnV1e3S_jGeNoDpI/s640/Screen+Shot+2020-01-29+at+12.07.31+AM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
Times are turning interesting on this area, let´s see what´s coming with the implementation of these strong actions. Stay tuned.</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-83444645169938409222020-01-21T23:30:00.002+01:002020-01-21T23:47:08.017+01:00Worldwide Fake North Face campaign of websites hosted under plenty of TLDs<blockquote class="tr_bq" style="text-align: center;">
<i><span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"> ".ch, the </span><a href="https://www.switch.ch/news/30years-ch/" style="background-color: white; box-sizing: border-box; color: #2075b1; font-family: FrutigerNextW01-Regular, Helvetica, Verdana, sans-serif; font-size: 17px; font-variant-ligatures: normal; letter-spacing: 0.2px; orphans: 2; text-decoration: none; widows: 2;">most secure top level domain (TLD) in Europe</a><span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;">."</span> </i> </blockquote>
<blockquote class="tr_bq" style="text-align: center;">
<i><span style="font-size: x-small;"><span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;">(Ref: </span><a href="https://www.switch.ch/stories/fakewebshops/">https://www.switch.ch/stories/fakewebshops/</a>)</span></i></blockquote>
<br />
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;">The above sentence might be true. The proof?</span></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;">Just take a look to this FAKE campaign of a single actor targeting multiple worldwide TLDs <b>except .ch</b>. The reason?. Likely to have a higher lifetime = profit. </span></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;">They know that if they set up the FAKE webshop under .ch, this TLD is being actively monitored for this type of fraud hence the chances to be detected and take down the webshop would increase. Best course of action? - to avoid it.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;">Few examples of FAKE webshops under random European countries:</span></div>
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieNC2wKjbzgoGTupJteQt9qSg0TRZr5Q8inXrkK1BPkzCMqKkp54PrXje_wuxbjBAfBnb2V65rtlLeTX-GgYscIsWcKHXYnvQk7uir7DIP4SIehjn_6vj4a6tHhm9XjEUdLBlyDRcwu9Y/s1600/Screen+Shot+2020-01-21+at+11.04.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="756" data-original-width="1391" height="216" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieNC2wKjbzgoGTupJteQt9qSg0TRZr5Q8inXrkK1BPkzCMqKkp54PrXje_wuxbjBAfBnb2V65rtlLeTX-GgYscIsWcKHXYnvQk7uir7DIP4SIehjn_6vj4a6tHhm9XjEUdLBlyDRcwu9Y/s400/Screen+Shot+2020-01-21+at+11.04.36+PM.png" width="400" /></a></div>
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span>
<br />
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;">FAKE Polish webhsop (https:// www.thenorthfacesklep.pl)</span></span></div>
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span>
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE8P3TKOfusa1f57mvQ3X2Ym83ejbZlAWGU03yN7KawGUUrS33WwnrSALDrEclhbPzZf_nMTvPbua_cYPUv0L7MKk4qdZbiGE-TQ1zFNLvtvZq8hhFoVk-iybIOOVcpLuexWtuVOXrAyM/s1600/Screen+Shot+2020-01-21+at+11.06.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="795" data-original-width="1378" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjE8P3TKOfusa1f57mvQ3X2Ym83ejbZlAWGU03yN7KawGUUrS33WwnrSALDrEclhbPzZf_nMTvPbua_cYPUv0L7MKk4qdZbiGE-TQ1zFNLvtvZq8hhFoVk-iybIOOVcpLuexWtuVOXrAyM/s400/Screen+Shot+2020-01-21+at+11.06.36+PM.png" width="400" /></a></div>
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: 17px; letter-spacing: 0.2px;"><br /></span>
<br />
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;">Fake Spanish webshop (https ://www.northfacees.es)</span></span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg70RWqBQ3p2qHDiX2YUcRvWviFBJylP5-Z9ARxCyBiUBuCcuhdkk-ElhCIogL6a4rOb-CyKshrcs420Cs07z6olHlCChjwAyhvKglewIUQb9ASRDvSeCYqwW7cnfLgwAaZaK9lUR3OS6Q/s1600/Screen+Shot+2020-01-21+at+11.08.08+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="819" data-original-width="1365" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg70RWqBQ3p2qHDiX2YUcRvWviFBJylP5-Z9ARxCyBiUBuCcuhdkk-ElhCIogL6a4rOb-CyKshrcs420Cs07z6olHlCChjwAyhvKglewIUQb9ASRDvSeCYqwW7cnfLgwAaZaK9lUR3OS6Q/s400/Screen+Shot+2020-01-21+at+11.08.08+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;">Fake German webshop (</span></span><span style="font-size: x-small;">https ://www.northfacegermany.de</span><span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; font-size: x-small; letter-spacing: 0.2px;">)</span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX_WyBlsom_tD2TBgJOgxtI-5lwCYimJjuCKEvXT0970h2tjlC-NBe0Fi00SDb3zsBdNqcOyhlq5fOl8Y0gFME2HyQlDCYx-t9yAiVe27PICxjcpOT2tcX1atqTaDrh0jodF2lcAKk8yM/s1600/Screen+Shot+2020-01-21+at+11.09.18+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="814" data-original-width="1374" height="236" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiX_WyBlsom_tD2TBgJOgxtI-5lwCYimJjuCKEvXT0970h2tjlC-NBe0Fi00SDb3zsBdNqcOyhlq5fOl8Y0gFME2HyQlDCYx-t9yAiVe27PICxjcpOT2tcX1atqTaDrh0jodF2lcAKk8yM/s400/Screen+Shot+2020-01-21+at+11.09.18+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;">Fake Italian webshop (</span><span style="font-size: x-small;">https ://www.tnfitalia.it</span><span style="font-size: x-small;">)</span></span></div>
<div style="text-align: center;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"></span></span><br />
<div style="background-color: white; border: 0px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
<ol style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: white; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"></ol>
</div>
<br />
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<div style="margin: 0px;">
But it is not about Europe. This FAKE campaign targeting this specific brand is worldwide: </div>
</div>
</div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEio7yRlijA2Di3GsMOTW19h1e0VrG75yRpgQh77xqRLtja7-zwnGnQ1td9l1s1OrxbqpGPsEKlAZW13r1VR0Yv1sNXCyIeuClilySkYhX4l-cYWI_MIOCXVK0lK8-e5dFnhWE5a-S3gLls/s1600/Screen+Shot+2020-01-21+at+10.52.08+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="786" data-original-width="394" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEio7yRlijA2Di3GsMOTW19h1e0VrG75yRpgQh77xqRLtja7-zwnGnQ1td9l1s1OrxbqpGPsEKlAZW13r1VR0Yv1sNXCyIeuClilySkYhX4l-cYWI_MIOCXVK0lK8-e5dFnhWE5a-S3gLls/s640/Screen+Shot+2020-01-21+at+10.52.08+PM.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: x-small;">Passive DNS information.</span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
Just an observation from the timing of the FAKE domains registration, you can see that the bad guys also have Christmas holidays. There is no activity observed between December 18th and January 8th :)<br />
<br />
<br /></div>
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<a href="http://desenmascara.me/">Desenmascara.me</a> just do one thing but we do it with a laser-focus approach:<span style="border: 0px; color: inherit; font-family: inherit; font-size: inherit; font-stretch: inherit; font-style: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span><b>we do detect and flag </b><b>online counterfeiting (and fraud) related websites</b><span style="border: 0px; color: inherit; font-family: inherit; font-size: inherit; font-stretch: inherit; font-style: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;"> </span>as the above ones for hundreds of different brands targeted by counterfeiters.</div>
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<br /></div>
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
We are collecting the most comprehensive dataset of counterfeit-related webs with two simple goals in mind: </div>
<div style="background-color: white; border: 0px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
<ol>
<li style="text-align: justify;"><span style="font-family: "calibri" , "arial" , "helvetica" , sans-serif;">To provide a free service for online consumers to avoid them being scammed.</span></li>
<li style="text-align: justify;"><span style="font-family: "calibri" , "arial" , "helvetica" , sans-serif;">To provide a commercial service to brands affected, payment platforms, ISPs and domain registers. </span></li>
</ol>
<div style="text-align: justify;">
<span style="font-family: "calibri" , "arial" , "helvetica" , sans-serif;">The ultimate goal is to stop this massive online fraud. If you are interested just <a href="mailto:emilio@desenmascara.me" target="_blank">contact with me.</a></span></div>
</div>
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
<div style="background-color: white; border: 0px; font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 16px; font-stretch: inherit; line-height: inherit; margin: 0px; padding: 0px; vertical-align: baseline;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: justify;">
<span style="background-color: white; color: #2c2e2f; font-family: , "helvetica" , "verdana" , sans-serif; letter-spacing: 0.2px;"><span style="font-size: x-small;"><br /></span></span></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-47113415654565757722019-11-06T00:14:00.001+01:002019-11-08T23:44:43.885+01:00Fraudulent websites masquerading as different types of Spanish official applications<b>Update [08.11.2019]</b>: Actors behind this massive online fraud are not only targeting Spanish public services, but also US based as shown below:<br />
<br />
<br />
Fishing and hunting license in Florida --> https://www.fishingandhuntingflorida.com/<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM19XyW859yIO9L5mXW-9HpmPhtaAfWDsqwUnttWaQgXCDoZWdXOJQIY-tApWd1f16GUtZiCg__Abqv9ZLKFcFtRb56jPlwADLQeX7wB9ajJDmiITohCCQ82WUb2_MfB83vBJp_hpB2Tg/s1600/Screen+Shot+2019-11-08+at+11.21.02+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="789" data-original-width="1600" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM19XyW859yIO9L5mXW-9HpmPhtaAfWDsqwUnttWaQgXCDoZWdXOJQIY-tApWd1f16GUtZiCg__Abqv9ZLKFcFtRb56jPlwADLQeX7wB9ajJDmiITohCCQ82WUb2_MfB83vBJp_hpB2Tg/s400/Screen+Shot+2019-11-08+at+11.21.02+PM.png" width="400" /></a></div>
<br />
Fishing license in Texas --> https://www.texasfishinglicense.online/<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKE5G7t0i-6w3Q6eT55pswjqZilYjIOp8Cipxng952vDG4FDA2uHVyI2Ln4BOnDtrnyDt72KgaRAzDJ4wFGRDvkmbj7Y1x8wcN-skNgakt6VLNPpSo1srXjX0tK3Zj61Ii1uAy3GoAUGY/s1600/Screen+Shot+2019-11-08+at+11.19.48+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="786" data-original-width="1600" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKE5G7t0i-6w3Q6eT55pswjqZilYjIOp8Cipxng952vDG4FDA2uHVyI2Ln4BOnDtrnyDt72KgaRAzDJ4wFGRDvkmbj7Y1x8wcN-skNgakt6VLNPpSo1srXjX0tK3Zj61Ii1uAy3GoAUGY/s400/Screen+Shot+2019-11-08+at+11.19.48+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Fishing license in Michigan --> https://www.michiganfishinglicense.online/<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisn7eTfyGgWbE08JN1RidfhGnm3eexLaHmZGDYfDd1xq6bvKVoCyXeGzd-mlLzXAwndHbJIizQzxeHIRXB58yaaEdzTB3uYRl8T6w2vaWp2SGwI5jx-XDztA2obfqJyYkxQttT173efkU/s1600/Screen+Shot+2019-11-08+at+11.28.41+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="893" data-original-width="1600" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisn7eTfyGgWbE08JN1RidfhGnm3eexLaHmZGDYfDd1xq6bvKVoCyXeGzd-mlLzXAwndHbJIizQzxeHIRXB58yaaEdzTB3uYRl8T6w2vaWp2SGwI5jx-XDztA2obfqJyYkxQttT173efkU/s400/Screen+Shot+2019-11-08+at+11.28.41+PM.png" width="400" /></a></div>
<br />
<br />
Fishing license in Georgia --> https://www.georgiafishinglicense.online/<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtLwjocrLsTolcWnkJ5nNrvlTAgzTITOr0UK9McRwCb9Zp_S4ln27GsclLC528wiCXJaedWvW-L7iD2qM7PzJW7DJGbeqn_CwZG02l9kv2O1LyXewnZQppNtaK33fyrAkvdhrb-uC-2PM/s1600/Screen+Shot+2019-11-08+at+11.29.52+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="845" data-original-width="1511" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtLwjocrLsTolcWnkJ5nNrvlTAgzTITOr0UK9McRwCb9Zp_S4ln27GsclLC528wiCXJaedWvW-L7iD2qM7PzJW7DJGbeqn_CwZG02l9kv2O1LyXewnZQppNtaK33fyrAkvdhrb-uC-2PM/s400/Screen+Shot+2019-11-08+at+11.29.52+PM.png" width="400" /></a></div>
<br />
This group of fraudsters have also registered a government alike domain: <b>http://cbp-dhs-gov.com/</b><br />
which at the time of writing this has just a landing page, the only purpose of these misleading domains (either once the website has been built up or just using the domain to send more credible phishing mails) is to lure users to steal their money and personal information:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgST5RZbzzLN1O-yoFNEMLtgHUDXbmFm-h7UnQHQM7c_q9fEb_Tr8TTfohqY0j4chyFnTZcxwg-yNh08V2ox0XLXJiZE7-0aD5Ts9xtndWG_aYxSERrTc7g6Vvplv0qM-Fqat4nca9b494/s1600/Screen+Shot+2019-11-08+at+11.26.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="462" data-original-width="449" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgST5RZbzzLN1O-yoFNEMLtgHUDXbmFm-h7UnQHQM7c_q9fEb_Tr8TTfohqY0j4chyFnTZcxwg-yNh08V2ox0XLXJiZE7-0aD5Ts9xtndWG_aYxSERrTc7g6Vvplv0qM-Fqat4nca9b494/s320/Screen+Shot+2019-11-08+at+11.26.42+PM.png" width="310" /></a></div>
<br />
<b>end of update.</b><br />
<br />
<br />
<br />
<b>Fraud campaign in Spain:</b><br />
<br />
Register of death? --> https://www.expedientedefuncion.online / <span style="background-color: white; color: #3a4eff; font-family: "google sans" , "roboto" , "robotodraft" , "helvetica" , "arial" , sans-serif; font-size: 13px;">www.solicitar-certificado-defuncion.online</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7RUx49Y07FiSEWW7kTGQ8I5PeXg01Jlsg55WWOQcRvR7dU7OeUNdTRqHtxccHfkXHM_GeO2RbB5kKkvFB408GZtOjlOHL6N0v7XO2_ch-xnr-ehf5gPIMsb7fNLGXE6d5riCW_tEHjgU/s1600/Screen+Shot+2019-11-05+at+11.34.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="553" data-original-width="1143" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7RUx49Y07FiSEWW7kTGQ8I5PeXg01Jlsg55WWOQcRvR7dU7OeUNdTRqHtxccHfkXHM_GeO2RbB5kKkvFB408GZtOjlOHL6N0v7XO2_ch-xnr-ehf5gPIMsb7fNLGXE6d5riCW_tEHjgU/s400/Screen+Shot+2019-11-05+at+11.34.36+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Official documents (with apostilla)? --> https://www.apostillaylegalizacion.com/</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKog534QwSgvaYg6ygoIIbsMcNvayLxnxA9yVmwfaCreqRSO1nvJB8-A3DSm3zE2vBLn7FN9M_Az_vBgNi-zBnIcy7xgHyflQYP6f_yrje8rSn7Osz0Jafhu19VpWd-tmKEPxmzaRhz5c/s1600/Screen+Shot+2019-11-05+at+11.44.10+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="888" data-original-width="1231" height="287" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKog534QwSgvaYg6ygoIIbsMcNvayLxnxA9yVmwfaCreqRSO1nvJB8-A3DSm3zE2vBLn7FN9M_Az_vBgNi-zBnIcy7xgHyflQYP6f_yrje8rSn7Osz0Jafhu19VpWd-tmKEPxmzaRhz5c/s400/Screen+Shot+2019-11-05+at+11.44.10+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Criminal certificate? --> https://www.certificadodelitospenales.online/</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGFaOuMP6uq2zDAgxitDm4sbS4UIfsK5e8hrO6PYU61_m2tpI15Du4zpvusuq2VDCtx2OoLSMgisWRHe_MU_QZkwtGwU6XI05XOECeQWrf8dadz4vqrzFqTM_hgW9w3szE-YjMgCGPkh0/s1600/Screen+Shot+2019-11-05+at+11.47.26+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="896" data-original-width="1231" height="290" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGFaOuMP6uq2zDAgxitDm4sbS4UIfsK5e8hrO6PYU61_m2tpI15Du4zpvusuq2VDCtx2OoLSMgisWRHe_MU_QZkwtGwU6XI05XOECeQWrf8dadz4vqrzFqTM_hgW9w3szE-YjMgCGPkh0/s400/Screen+Shot+2019-11-05+at+11.47.26+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Birth certificate? --> https://www.certificadonacimiento.online/</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQZJlmPhkHmJ1EdfIyAzk8CvMhbLWPifeFYXcQ73trc3cwVpijQACjFbBu4BpWc3CjFe8GtxFFA7E5941F34XreIb4b_CpuQ94v1AATzM079xqE0993eNbsl86HTrfMwsyUILUN3jvlow/s1600/Screen+Shot+2019-11-05+at+11.48.13+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="850" data-original-width="1247" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQZJlmPhkHmJ1EdfIyAzk8CvMhbLWPifeFYXcQ73trc3cwVpijQACjFbBu4BpWc3CjFe8GtxFFA7E5941F34XreIb4b_CpuQ94v1AATzM079xqE0993eNbsl86HTrfMwsyUILUN3jvlow/s400/Screen+Shot+2019-11-05+at+11.48.13+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Marriage certificate? --> https://www.actadematrimonio.online/</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgd7L0eErOl0niJ0vrhrEaLj_jok_spHlmcCk-Oe8JwqOU20LaGG1y6M-Nj-5loc5uLgQHNKIE0pZDGjOfan3sNPkJkun4ckysoicKDW4oBCFJ7pLdqIm5jZJkkJBKf5QSayZzCxnh-XHY/s1600/Screen+Shot+2019-11-05+at+11.51.03+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="856" data-original-width="1251" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgd7L0eErOl0niJ0vrhrEaLj_jok_spHlmcCk-Oe8JwqOU20LaGG1y6M-Nj-5loc5uLgQHNKIE0pZDGjOfan3sNPkJkun4ckysoicKDW4oBCFJ7pLdqIm5jZJkkJBKf5QSayZzCxnh-XHY/s400/Screen+Shot+2019-11-05+at+11.51.03+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
European health card? --> https://www.tarjetasanitariaeuropeaonline.com/</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3j3uFeCsf5ojbLSTpbcWOUgwBL3ORh4eNUA173YgGh2UarIgpLFDwBXVzI_VozpUboWQAcl7g3XKYIPPnXA3mw8nXTul2uclaftPzzyQojqesOaV2jExuDUszX95WhWAwSW1fm5casR8/s1600/Screen+Shot+2019-11-06+at+12.10.29+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="857" data-original-width="1244" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3j3uFeCsf5ojbLSTpbcWOUgwBL3ORh4eNUA173YgGh2UarIgpLFDwBXVzI_VozpUboWQAcl7g3XKYIPPnXA3mw8nXTul2uclaftPzzyQojqesOaV2jExuDUszX95WhWAwSW1fm5casR8/s400/Screen+Shot+2019-11-06+at+12.10.29+AM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
And so on with dozens of similar official certificates. This is common online fraud where fraudsters set up professional-looking websites to lure unsuspected users. Users unaware of how the bureaucracy system would work in Spain will look online to get a certificate based on their specific needs and they will end up on a fraudulent site like any of those. </div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
After the user submit its details and pay the fee, the website will show the user an error on the payment and the fraud is done. Money is available on the pocket of fraudsters and the victim receives nothing.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMCJELFzZro9YrVYEOC57UB0qHGpgPJupWlEToYxdNPqZV_Tk6VQSjVkmNMGUnyZFPaPo6ggS4r0VgDA3Mc6ObYj8MZuqAI2UigFHAJXp6__16Kw-Ad_iKMPjATeArMK121XgrkZdlacY/s1600/Screen+Shot+2019-11-05+at+11.56.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="392" data-original-width="923" height="168" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMCJELFzZro9YrVYEOC57UB0qHGpgPJupWlEToYxdNPqZV_Tk6VQSjVkmNMGUnyZFPaPo6ggS4r0VgDA3Mc6ObYj8MZuqAI2UigFHAJXp6__16Kw-Ad_iKMPjATeArMK121XgrkZdlacY/s400/Screen+Shot+2019-11-05+at+11.56.42+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
Never, ever buy services from a website whose legitimacy you are not sure about, in case of doubt just use the webservice <a href="https://desenmascara.me/">https://desenmascara.me</a> or ask us through the contact form.</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
The actor behind such fraudulent webs is a business registered in Florida (EEUU): <span style="background-color: white; color: #545454; font-family: "arial" , sans-serif; font-size: 14px;">Global </span><span style="background-color: white; color: #6a6a6a; font-family: "arial" , sans-serif; font-size: 14px; font-weight: bold;">Trading Solutions LLC, </span><span style="background-color: white; font-variant-ligatures: normal; orphans: 2; widows: 2;">also <a href="https://www.diariobitcoin.com/index.php/2019/05/02/estafadores-acusados-por-ee-uu-operaban-multimillonario-esquema-presuntamente-asociado-con-el-caso-de-tether-y-bitfinex/">associated with multimillionaire crypto fraud</a>, and there is also an <a href="https://www.elindependiente.com/vida-sana/2019/09/24/un-juzgado-de-madrid-investiga-una-web-por-cobrar-por-la-tarjeta-sanitaria-europea/">open investigation in a Spanish court</a>.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="background-color: white; font-variant-ligatures: normal; orphans: 2; widows: 2;"><br /></span></div>
<div class="separator" style="clear: both; text-align: justify;">
<span style="background-color: white; font-variant-ligatures: normal; orphans: 2; widows: 2;">Remember, if you have any doubt before making any purchase online, just use <a href="https://desenmascara.me/">https://desenmascara.me</a> to avoid being lured.</span></div>
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-47234775321513319362019-10-11T23:16:00.001+02:002019-10-11T23:17:13.535+02:00Annual Intellectual Property Report to US Congress<div style="text-align: justify;">
On April 26, 2018, President Trump, became the f<a href="https://www.whitehouse.gov/presidential-actions/president-donald-j-trump-proclaims-april-26-2018-world-intellectual-property-day/">irst President to formally recognize World Intellectual Property Day</a> and proclaimed that “[o]n World Intellectual Property Day, we not
only celebrate invention and innovation, but also we recognize how integral intellectual property
rights are to our Nation’s economic competitiveness.” For this reason, the President stated that
“[o]ur country will no longer turn a blind eye to the theft of American jobs, wealth, and
intellectual property through the unfair and unscrupulous economic practices of some foreign
actors.”</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrvZNk5GdXwOCp3Y9GzlUpE0qFLMoP0MpqQSV_IVdmIvoa_AEI65647Z2_4jE3Xd5X3WjKX6RYOid_QN9_ImGBIZVUz6pEEC7kVBUgYzPtwrtgpahF9T_zD5GIAHQCsCnhYiXduH_SXV0/s1600/Screen+Shot+2019-10-11+at+11.15.27+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="835" data-original-width="641" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrvZNk5GdXwOCp3Y9GzlUpE0qFLMoP0MpqQSV_IVdmIvoa_AEI65647Z2_4jE3Xd5X3WjKX6RYOid_QN9_ImGBIZVUz6pEEC7kVBUgYzPtwrtgpahF9T_zD5GIAHQCsCnhYiXduH_SXV0/s320/Screen+Shot+2019-10-11+at+11.15.27+PM.png" width="245" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: center;">
<span style="font-size: x-small;"><a href="https://www.whitehouse.gov/wp-content/uploads/2019/02/IPEC-2018-Annual-Intellectual-Property-Report-to-Congress.pdf">Annual Intellectual Property Report to US congress</a>. February 2019</span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-70802644461638363012019-09-28T23:24:00.000+02:002020-06-16T23:59:51.632+02:00How easy a google product is being misuse to market counterfeit goods<b>Update (11.06.2020): </b>Google allow now to request removal of "<a href="https://support.google.com/legal/troubleshooter/1114905#ts=9814647%2C1115655%2C9814950%2C9921908" target="_blank">Counterfeit: sale of counterfeit goods</a>" from google search results<br />
<br />
<b>Update (21.10.2019)</b>: INCOPRO has <a href="https://www.incoproip.com/reports/how-and-why-search-engines-must-take-responsibility-for-tackling-counterfeiters">released a report about this same problem</a> with key findings, metrics and a call to internet searches to act against this online fraud, and all quite well formatted for an easy and recommended reading.<br />
<br />
<br />
<blockquote class="tr_bq">
<span style="caret-color: rgba(0, 0, 0, 0.870588); color: rgba(0 , 0 , 0 , 0.870588); font-family: "roboto" , sans-serif;">"<i>While our systems get better over time, counterfeiting remains a complex challenge, and we keep investing in anti-counterfeiting measures</i>." </span> <a href="https://publicpolicy.googleblog.com/2011/03/keeping-counterfeits-out-of-ads.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GooglePublicPolicyBlog+(Google+Public+Policy+Blog)&utm_content=Google+Reader" style="font-family: roboto, sans-serif; font-size: 14px;">Kent Walker, Senior Vice President and General Counsel, Google. (2011)</a></blockquote>
<blockquote class="tr_bq">
<span style="color: rgba(0 , 0 , 0 , 0.870588); font-family: "roboto" , sans-serif; font-size: 17px;"><i><span style="font-size: 17px;">"</span>Just as in the offline world, people misuse legitimate online services to try to market counterfeit goods. This abuse hurts our users and our business; combating it its central to Google's operations.<span style="font-size: 17px;">"</span></i> </span><span style="caret-color: rgba(0, 0, 0, 0.870588); color: rgba(0 , 0 , 0 , 0.870588); font-family: "roboto" , sans-serif; font-size: x-small;">(<a href="https://drive.google.com//d/0BwxyRPFduTN2YzViYzk2MmEtM2JhNi00NzQ4LThiZGMtYjdiNDY5ZTg3ZTE0/view">Testimony of Kent Walker before the House Judiciary Subcommittee on Intellectual Property, Competition, and the Internet Hearing on 'Promoting Investment and Protectiong Commerce Online: Legitimate Sites v. Parasites, Part II' April 6, 2011)</a></span></blockquote>
<span style="color: rgba(0 , 0 , 0 , 0.870588); font-family: "roboto" , sans-serif; font-size: 17px;"><br /></span>
A few years ago I wrote the SANS paper "<a href="http://blog.emiliocasbas.net/2017/03/sans-research-paper-tracking-online.html">Tracking online counterfeiters</a>". At the time this paper provided some metrics of an <a href="https://www.oecd.org/industry/global-trade-in-fake-goods-worth-nearly-half-a-trillion-dollars-a-year.htm">OECD</a> report dated in 2016 where the trade in counterfeit goods amounted for the 2.5% of world trade. Currently, based on the <a href="https://www.oecd.org/newsroom/trade-in-fake-goods-is-now-33-of-world-trade-and-rising.htm">last OECD report now trade in fake goods is 3.3% of world trade</a> and <b>raising</b>.<br />
<br />
Also in the mentioned SANS paper I did include the research: "<a href="https://www.semanticscholar.org/paper/Framing-Dependencies-Introduced-by-Underground-Thomas-Huang/b19c2aa855c247461d9caa48ea94b0b39d650001">framing dependencies introduced by underground commoditization</a>" which did show the federation of specialists selling capabilities, services, and resources explicitly tailored to the abuse ecosystem.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT-AbP0MPHWxnSmJ2yojhy_bWgxbVJXRuoOMjkBEVkPxNmD3-Ekv7-7zANQT0jid3ohaoGQydQ-s7zc40Lps9452-XC6eM1wqNKiTlh8HEPx2ZDUZ-6oAdqxH5eYH021u9NsW_d8nQsxo/s1600/Screen+Shot+2019-09-22+at+11.54.39+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="536" data-original-width="950" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT-AbP0MPHWxnSmJ2yojhy_bWgxbVJXRuoOMjkBEVkPxNmD3-Ekv7-7zANQT0jid3ohaoGQydQ-s7zc40Lps9452-XC6eM1wqNKiTlh8HEPx2ZDUZ-6oAdqxH5eYH021u9NsW_d8nQsxo/s400/Screen+Shot+2019-09-22+at+11.54.39+PM.png" width="400" /></a></div>
<div class="page" title="Page 3">
<div class="layoutArea">
<div class="column">
<div style="text-align: center;">
<span style="font-family: "nimbusromno9l";"><span style="font-size: x-small;">Revenue generation is outsourced to “affiliates”—independent contractors paid on a commission basis for each sale they bring in. [cited from original paper]</span></span><br />
<span style="text-align: start;"><br /></span>
<span style="text-align: start;"><br /></span>
<br />
<div style="text-align: start;">
<div style="text-align: justify;">
After bit more than a couple of years of the release the aforementioned SANS paper, lets take the two premises above and to dig a little deeper on this online counterfeiting fraud. I will expose briefly specific tactics online counterfeiters use to target different countries. Goal is to support the 2 previous premises: increasing online fraud and the specialists selling capabilities in the underground commoditization market, but also <b>to highlight a huge abuse in a specific search engine I came across while investigating this tactic</b>. An abuse specially "sensitive" as it affects to hundreds of the most famous and counterfeited brands.<br />
<br />
This problem is specially outrageous as currently <b><u>it allows to counterfeiters profit and abuse from free services</u></b> even when in the past <a href="https://publicpolicy.googleblog.com/2011/03/keeping-counterfeits-out-of-ads.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GooglePublicPolicyBlog+(Google+Public+Policy+Blog)&utm_content=Google+Reader">they used paid services</a>. To not name about millions of users potentially being duped by this <u style="font-weight: bold;">lack of protection against websites whose only purpose is commercial infringement.</u><br />
<br />
Before going into the details, allow me to define what a FAKE website is.<br />
<b><u><br /></u></b>
<br />
<blockquote class="tr_bq">
"<u style="font-weight: bold;"><i><span style="font-size: large;">Defining what is a rogue site is not a simple task.</span></i></u>" <span style="font-size: x-small;"><a href="https://drive.google.com//d/0BwxyRPFduTN2YzViYzk2MmEtM2JhNi00NzQ4LThiZGMtYjdiNDY5ZTg3ZTE0/view">(Testimony of Kent Walker before the House Judiciary Subcommittee on Intellectual Property, Competition, and the Internet Hearing on 'Promoting Investment and Protectiong Commerce Online: Legitimate Sites v. Parasites, Part II' April 6, 2011)</a> </span></blockquote>
</div>
</div>
<div style="text-align: start;">
<br /></div>
<div style="text-align: start;">
<div style="text-align: justify;">
The above statement is part of the testimony of Kent Walker before the House Judiciary Subcommittee on IP, which you can read fully on the link above. With all the respect and humbleness I do not agree with the above statement therefore let me explain my reasoning. I will use the term "rogue site" as a "FAKE site", and as I will deal with FAKE websites here, I will define first what the signs of a FAKE website are. To make it easier, I will follow the <a href="https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/how-to-detect-fraudulent-sites-selling-fakes">guidelines promoted by Europol to detect fraudulent sites selling fakes</a> (also the basis the online tool <a href="https://desenmascara.me/">https://desenmascara.me</a> perform behind the scenes on top of many other checks to flag a website as FAKE). Here the only rectification I would do to those Europol guidelines is to remove the below red flag:</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnwCjPoYG_qqbdvErbQWh6RBDMd2gg4MeKQkyp_7mLzReMj-QgHjrp2nBOXzfm0z46GL5IKujWXRbnQZoWKNdfKm1_NAWNW4QAfqkqVwp-Qv8gORFSz3EM5Z1zUmbHwkmhcdw5ezaAEMA/s1600/Screen+Shot+2019-09-23+at+6.49.49+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="226" data-original-width="1260" height="71" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnwCjPoYG_qqbdvErbQWh6RBDMd2gg4MeKQkyp_7mLzReMj-QgHjrp2nBOXzfm0z46GL5IKujWXRbnQZoWKNdfKm1_NAWNW4QAfqkqVwp-Qv8gORFSz3EM5Z1zUmbHwkmhcdw5ezaAEMA/s400/Screen+Shot+2019-09-23+at+6.49.49+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;"><a href="https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/how-to-detect-fraudulent-sites-selling-fakes">How to detect fraudulent sites selling fakes</a> (Europol)</span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The above check to detect fraudulent sites is not true anymore. The mainstream use of free SSL certificates has made possible that counterfeiters use SSL as for instance the below FAKE site:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgZSv8B9D9FxFDWv2lyKN2-iH-xDJs7lwgcmcQB4M3npncL9yp79NX_n3tq1JoSs_ZPyhfDAlHt1l1mZ1xb0MH6a7G2HRvg65fV6IHsrwN4pqQ4ukBNb1H8hlcd-n3cPNNBvlRZLmlCiI/s1600/Screen+Shot+2019-09-25+at+11.19.57+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="812" data-original-width="1417" height="364" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgZSv8B9D9FxFDWv2lyKN2-iH-xDJs7lwgcmcQB4M3npncL9yp79NX_n3tq1JoSs_ZPyhfDAlHt1l1mZ1xb0MH6a7G2HRvg65fV6IHsrwN4pqQ4ukBNb1H8hlcd-n3cPNNBvlRZLmlCiI/s640/Screen+Shot+2019-09-25+at+11.19.57+AM.png" style="cursor: move;" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">FAKE website using a SSL certificate</span></div>
<div style="text-align: center;">
<span style="font-size: x-small;"><br /></span></div>
<br />
but lets go back to the point. <u style="font-weight: bold;">I do think that to define what is a rogue site is a simple task,</u> so simple I am still surprised <a href="http://blog.emiliocasbas.net/2016/04/desenmascarame-has-been-integrated-into.html">no one is doing something</a> like this <a href="http://blog.emiliocasbas.net/2017/12/prediction-safe-browsing-technology.html">yet</a>.<br />
<br />
<u style="font-weight: bold;">To my humble understanding, a FAKE website is a rogue website that generate profits from the theft of intellectual property and/or lure users.</u> Thats all. How can I back up such statement?, keep reading.<br />
<br />
In one side we have the guidelines mentioned previously by Europol plus the yearly Europol operation <a href="https://www.europol.europa.eu/activities-services/europol-in-action/operations/operation-in-our-sites-ios">In Our Sites (IOS)</a> to seize domain names distributing counterfeit and pirated items online. <a href="https://www.europol.europa.eu/newsroom/news/operation-takes-down-over-33-600-internet-domains-selling-counterfeits-goods">The last edition in its ninth year was the most successful ever</a>. In the other side, after years working to improve the accuracy of <a href="https://desenmascara.me/">https://desenmascara.me</a> to flag whether a website is FAKE or not, I did one thing to not only raise awareness of this online fraud to consumers but also to let brands offended know about FAKE websites abusing its trademark, I did this through the <a href="https://twitter.com/desenmascarame">twitter bot desenmascarame</a>, which only tweet a small percentage of FAKE websites being detected. At the time of writing this, this bot has tweeted around 15k times mentioning to hundreds of brands affected by FAKE websites:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5cBjUl-lHFU1ya8pDfSJ5OAKylwuunyWVgZBhMJNpiHTJdoucolRFXFdjK5t0JVzkIk1VMwXxWt_YdxjryqebWdy62-jBvybFIjucQjrpMUxS8Kyh8zsEMpqfZqNQarRTeUkT2IXmGtU/s1600/Screen+Shot+2019-09-25+at+11.44.03+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="726" data-original-width="491" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5cBjUl-lHFU1ya8pDfSJ5OAKylwuunyWVgZBhMJNpiHTJdoucolRFXFdjK5t0JVzkIk1VMwXxWt_YdxjryqebWdy62-jBvybFIjucQjrpMUxS8Kyh8zsEMpqfZqNQarRTeUkT2IXmGtU/s400/Screen+Shot+2019-09-25+at+11.44.03+AM.png" width="270" /></a></div>
<br />
<div style="text-align: center;">
<span style="font-size: x-small;">Twitter bot <a href="https://twitter.com/desenmascarame">desenmascara.me</a></span></div>
<br />
<br />
Until now the twitter bot has not received any complain by the brands affected but the opposite; this information has been proved useful for the brands mentioned as per the feedback received by many of them:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF-DZFw7o3ZU_nqQC1YPQbKLouYwqj69gb6lc8v2uUWr-UniXyopGhOn57hkKzVT0H8ktffhZpYjBxQELEkwEvA2qa33wLLREUPzhget9YURu1jrnE3UTCAUvEq_USbIrwyFnxaxJvSm4/s1600/Screen+Shot+2019-09-25+at+11.49.50+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="648" data-original-width="1172" height="352" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF-DZFw7o3ZU_nqQC1YPQbKLouYwqj69gb6lc8v2uUWr-UniXyopGhOn57hkKzVT0H8ktffhZpYjBxQELEkwEvA2qa33wLLREUPzhget9YURu1jrnE3UTCAUvEq_USbIrwyFnxaxJvSm4/s640/Screen+Shot+2019-09-25+at+11.49.50+AM.png" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Small extract of brands answering the twitter bot</span></div>
<br />
<br />
All this experience working to detect counterfeit-related webs plus the feedback received by the brands and the request to provide such "intelligence" in formal ways, did allow me to set up a business based on a SaaS service out of this 4 years side project. The business goal is pretty simple but yet effective: <b>to detect and flag counterfeit-related webs</b>, to hand over either later or in real time this specific "intelligence" to the offended brands. Afterwards the brands (or their legal representatives) can initiate legal actions against the infringing websites. On top of that I do receive mails from users who have been lured by counterfeiters to find later that the online tool <a href="https://desenmascara.me/">https://desenmascara.me</a> would have avoided them to become victim of such fraud, these users also report websites which they think are FAKE but for whatever reason the online tool is not able to flag correctly.<br />
<br />
It is this mix of technology + users what make the online tool <a href="https://desenmascara.me/">https://desenmascara.me</a> a powerful proof of concept, but yet fully functional and in constant evolution. A proved novel solution which could be used as the basis to tackle the online counterfeiting fraud problem globally.</div>
<div style="text-align: justify;">
<br />
All this acumen allow me to affirm that <b><u>to define what a rogue website is, it is not a complicated task, but yet a grey area</u></b>. A grey area where the <a href="https://en.wikipedia.org/wiki/Digital_Millennium_Copyright_Act">DMCA</a> and a position to censor the Internet intersect. These facts lead to a situation where there is no incentive to be proactive with the online counterfeiting fraud but instead reactive by putting <a href="https://support.google.com/legal/contact/lr_counterfeit?product=groups">forms to report counterfeit goods aimed to trademark owners</a>. Grey area as also it depends of country legislation and local judge considerations, for instance there are legal cases where <a href="http://www.bailii.org/ew/cases/EWCA/Civ/2016/658.html">Internet Service providers were ordered to block websites infringing trademarks</a>, and other <a href="https://www.reuters.com/article/us-swisscom-court/swisscom-cannot-be-forced-to-block-illegal-film-websites-court-idUSKCN1QG1KI">cases where the ISP could not be forced</a>. Country specific legislations, right holders and internet freedom make this topic not only a grey area but a hard problem to solve where different actors should be aligned to act upon it at the scale it deserves.<br />
<br />
The scale I am talking about is not about thousands but millions of domains being used by online counterfeiters to promote their items and to lure internet users. Despite all the efforts and huge investments big companies are making, this is happening with the <a href="http://blog.emiliocasbas.net/2017/01/facebook-does-not-worry-about-online.html">complicity of search engines and social networks alike</a>, plus the lack of security vendors making any effort on this area.<br />
<br />
Is there any technology (i.e: Safebrowsing, proxy vendors, web of trust, blacklists...) right now which prevent you to browse any of these websites; (https:// www.swarovskijoyas .es), or this (https:// www.philippevente. online), or this ( https:// northfaces. store) or this one (https: //www. jackwholesaler.com)... ? (if so please do let me know).<br />
<br />
<br />
After all this introduction of FAKE websites and the grey area they belong to, let me show you how I came across a specific google product being massively misuse to market counterfeit goods.<br />
<br />
As part of improving the detection accuracy of desenmascara.me I spent time researching how online counterfeiters operate, what their tactics are, how they are organized and what toolkits they are using to scale their business. Let's start with a simple FAKE web page like below:<br />
<br /></div>
</div>
</div>
</div>
</div>
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKm7B_pAy8P6l9Kvc-woxUfOCrrrsnM8q8y9_OOlSo52__8Ir2eAShe6lQl6d1eUZIZqonhia0CS-TTieSt5qSxbodWMeF9z7MKMeX-N13kM-bQO12j7i4z7KBYEeEVgbtAQV3de15PvQ/s1600/Screen+Shot+2019-09-22+at+11.24.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="639" data-original-width="1094" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKm7B_pAy8P6l9Kvc-woxUfOCrrrsnM8q8y9_OOlSo52__8Ir2eAShe6lQl6d1eUZIZqonhia0CS-TTieSt5qSxbodWMeF9z7MKMeX-N13kM-bQO12j7i4z7KBYEeEVgbtAQV3de15PvQ/s320/Screen+Shot+2019-09-22+at+11.24.06+PM.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="text-align: start;"><span style="font-size: x-small;">http:// www.libredetabaco.es</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="text-align: start;"><span style="font-size: x-small;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="text-align: start;"><span style="font-size: x-small;"></span></span></div>
<div class="page" title="Page 3">
<div class="layoutArea">
<div class="column">
<div style="text-align: center;">
<div style="text-align: start;">
<div style="text-align: justify;">
<br />
This web fall easily under the red flags exposed by Europol:<br />
<br />
<ul>
<li>Prices seems good</li>
<li>Contact us section pretty simple and generic</li>
<li>Site looks unfinished with broken links</li>
<li>Domain name is totally unrelated to the content</li>
<li>and many more red flags...</li>
</ul>
<div>
<br /></div>
<div>
Now looking at the html code let's focus our attention in the highlighted line:</div>
<div>
<br /></div>
</div>
</div>
</div>
</div>
</div>
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIJfGF_S8YXKFXRbb098y0Q6OLgXbkT6VEzkyZczapjwNN2OJWkMp1ipAuP1Ycc6FEQGgFpU2OWLu3F6d9ispFbyXHx8VEW2D0kVJ3F2U8SQilERCnL7lHd3ShQRtNySfuPbt89GlsLNg/s1600/Screen+Shot+2019-09-22+at+11.27.45+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="82" data-original-width="743" height="70" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIJfGF_S8YXKFXRbb098y0Q6OLgXbkT6VEzkyZczapjwNN2OJWkMp1ipAuP1Ycc6FEQGgFpU2OWLu3F6d9ispFbyXHx8VEW2D0kVJ3F2U8SQilERCnL7lHd3ShQRtNySfuPbt89GlsLNg/s640/Screen+Shot+2019-09-22+at+11.27.45+PM.png" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Suspicious html code used by the counterfeiter actor</span></div>
<br />
<br />
It seems a custom code used under the templates directory (to setup how the website looks) to create the website. If we look such specific string in google we do only see 4 organic results (3 domains used by the counterfeiters in the Search Engine Results Page, SERP) but <b>the interesting part is in the "images product"</b>:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqDSQQDyE_HCuVGPJqa26FznmRmIM3oF1dV-Ow4oPcvhGn9sVHMeXxsGWP97RbUo66I45umw4l_yx_DsLVSBOfei2xjr95W12OgMwohnQTRLWf6OF6O1sVc_deRdYubPd3nNuKYzH4nCE/s1600/Screen+Shot+2019-09-25+at+12.56.17+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="829" data-original-width="855" height="386" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqDSQQDyE_HCuVGPJqa26FznmRmIM3oF1dV-Ow4oPcvhGn9sVHMeXxsGWP97RbUo66I45umw4l_yx_DsLVSBOfei2xjr95W12OgMwohnQTRLWf6OF6O1sVc_deRdYubPd3nNuKYzH4nCE/s400/Screen+Shot+2019-09-25+at+12.56.17+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Google SERP of a specific template directory found in the html code</span></div>
<br />
<br />
When we click on "Más imagenes de..." translated from spanish into english to "more images of.." we do see the following pictures under the highlighted domains (all FAKE based on Europol red flags and desenmascara.me)<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHavCj19eUaHmYTQgPUzunB6ryfY7ZiVUyM76auxLjpDjxMZb9b8yODYfnQjjRzbsZIXBytQmalRZuYfkPaJy8BdjKqu6EC6GGZAGjEJ_80Ad14UG0GivE1Ox-5vytOJUbbsfpFbN97b4/s1600/Screen+Shot+2019-09-22+at+11.36.18+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="580" data-original-width="1046" height="353" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHavCj19eUaHmYTQgPUzunB6ryfY7ZiVUyM76auxLjpDjxMZb9b8yODYfnQjjRzbsZIXBytQmalRZuYfkPaJy8BdjKqu6EC6GGZAGjEJ_80Ad14UG0GivE1Ox-5vytOJUbbsfpFbN97b4/s640/Screen+Shot+2019-09-22+at+11.36.18+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: x-small;">Google images result with the string search <b><span style="color: red;">wgtestwo136dkghnleejfliejf</span></b></span></div>
<br />
<br />
<div style="text-align: justify;">
There are several results pointing to around 7 different websites with the same code. It's likely that the code belongs to the creator of the website as in this specific case, all results are under the Top Level Domain (TLD) .es and with domains which were expired and leveraged afterwards by the FAKE sites creators, this is another typical tactic of the counterfeiters.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Lets try to confirm this with a different domain hosted in the same infrastructure as the previous FAKE website, now take a look to a slightly different but still following the same string format as the previous example:</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtSepKnUcBtqt3wUYVHAJrAuCWvY34fnj1yi6y4xwkzQGFJn_ygD6ZhMXj5MzLmVkjk-e13kU5bW5IAL301gtKkf_SdnJaDpIcPMLqX5lau-Bva2PKnpcWBG1kgZcJrneNtiLp_U2j11E/s1600/Screen+Shot+2019-09-22+at+11.44.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="78" data-original-width="753" height="65" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtSepKnUcBtqt3wUYVHAJrAuCWvY34fnj1yi6y4xwkzQGFJn_ygD6ZhMXj5MzLmVkjk-e13kU5bW5IAL301gtKkf_SdnJaDpIcPMLqX5lau-Bva2PKnpcWBG1kgZcJrneNtiLp_U2j11E/s640/Screen+Shot+2019-09-22+at+11.44.55+PM.png" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Suspicious html code used by the counterfeiter actor</span></div>
<div style="text-align: center;">
<span style="font-size: x-small;"><br /></span></div>
<div>
<span style="font-size: x-small;"><br /></span></div>
<div style="text-align: justify;">
here we have around 10 counterfeit-related websites which belong to the same code and also as the previous example all those websites are under the TLD .es and all of them domain names unrelated to the webshop content:</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU9S6rU-BYMG37tCpUYUMeA5FRGzxIpPfbR-5w_QgcjlNexd0WnmEaMoKpMhu3F4GuPEPdsaQji2P-ZNpWyJHDBNRJTMXZh_UIcr3AgCg6xqH8D9vflvZMJhZjczPfOiY-fDsdp2rqYbo/s1600/Screen+Shot+2019-09-22+at+11.47.31+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="581" data-original-width="1107" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU9S6rU-BYMG37tCpUYUMeA5FRGzxIpPfbR-5w_QgcjlNexd0WnmEaMoKpMhu3F4GuPEPdsaQji2P-ZNpWyJHDBNRJTMXZh_UIcr3AgCg6xqH8D9vflvZMJhZjczPfOiY-fDsdp2rqYbo/s640/Screen+Shot+2019-09-22+at+11.47.31+PM.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: x-small;">Google images result with the string search <b><span style="color: red;">wgtestwo134asuifheufhals</span></b></span></div>
<div>
<span style="font-size: x-small;"><b><span style="color: red;"><br /></span></b></span></div>
<br />
<div style="text-align: justify;">
Here what we are observing is specific contractors creating FAKE websites under the TLD .es. These contractors are just a small part of the full suply chain of the online counterfeiting schemes as pointed out in the paper mentioned at the beginning of this article.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Now lets take a look to actors dedicated to different countries as for example <i>Germany and Austria</i> (.de and .at TLDs). The website template below looks quite similar to the previous website:</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiPBfIrDm146pVZGLkvuRnt_BciLc2qJ8YmYZowO0kjvN3cwkknGlG1A-pyNKcfyGOiiuSH5vTqfDzorzdON6r7vqBEEYrs8cxQKgSwYftNR7FhUcjUBX0diK6vHqXsdUYBVvbyx7PIHo/s1600/Screen+Shot+2019-09-22+at+11.02.05+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="626" data-original-width="1122" height="178" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiPBfIrDm146pVZGLkvuRnt_BciLc2qJ8YmYZowO0kjvN3cwkknGlG1A-pyNKcfyGOiiuSH5vTqfDzorzdON6r7vqBEEYrs8cxQKgSwYftNR7FhUcjUBX0diK6vHqXsdUYBVvbyx7PIHo/s320/Screen+Shot+2019-09-22+at+11.02.05+PM.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: x-small;">http:// www.circuitnoize.at</span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div style="text-align: justify;">
red flags are the same as the previous FAKE website, but now in the html code we notice a slightly different template name (<i><span style="color: red;">tu2kitySHOPde</span>)</i>:</div>
<br />
<blockquote class="tr_bq">
<i>"<div class="yccrFvaOgfCU"><img src="includes/templates/tu2kitySHOPde/images/cardd.gif"></div>"</i></blockquote>
<div style="text-align: center;">
<span style="font-size: x-small;">Suspicious html code used by the counterfeiter actor</span></div>
<div style="text-align: center;">
<span style="text-align: start;"><br /></span></div>
<div style="text-align: center;">
<span style="text-align: start;"><br /></span></div>
<div style="text-align: justify;">
<span style="text-align: start;">now we do the same as before, to perform a google search with such specific code. On this occasion 0 results came on the search but again it led us to the additional and interesting results on google images:</span></div>
<div style="text-align: justify;">
<span style="text-align: start;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKkNDeiIj3Tbayi_I-2b-f30xFq_x8k8vS3Ej3jXu9uGYwAaCJRL1rliT0Crfdrgrrjg4sZhLpBb9Lfpn9g8lFpyAOWuuv1IaEQdKGizAbJWSFNWmkT9EExk40_Yc3Ro0WT4WFqjMHj3g/s1600/Screen+Shot+2019-09-25+at+1.26.20+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="516" data-original-width="811" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKkNDeiIj3Tbayi_I-2b-f30xFq_x8k8vS3Ej3jXu9uGYwAaCJRL1rliT0Crfdrgrrjg4sZhLpBb9Lfpn9g8lFpyAOWuuv1IaEQdKGizAbJWSFNWmkT9EExk40_Yc3Ro0WT4WFqjMHj3g/s400/Screen+Shot+2019-09-25+at+1.26.20+PM.png" width="400" /></a></div>
<div style="text-align: justify;">
<span style="text-align: start;">we click on google images and whoila!!, we do see few domains with the same type of pictures:</span></div>
<div style="text-align: center;">
<br /></div>
<div>
<span style="font-size: x-small;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5eQLZXNhEep075TZff9w6YItwWtBaGeO1uo1__XhToUNakaQv_a7eProlJWHw-6PyvqmK84IjoNjDaFR7Xr0vJ6HQFtcqWYVkdIvNfKCF07RoVQ8-g-F60FlsmFJ3XBOmWNy09_V4Qb4/s1600/Screen+Shot+2019-09-25+at+1.19.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="648" data-original-width="1104" height="233" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5eQLZXNhEep075TZff9w6YItwWtBaGeO1uo1__XhToUNakaQv_a7eProlJWHw-6PyvqmK84IjoNjDaFR7Xr0vJ6HQFtcqWYVkdIvNfKCF07RoVQ8-g-F60FlsmFJ3XBOmWNy09_V4Qb4/s400/Screen+Shot+2019-09-25+at+1.19.55+PM.png" width="400" /></a></div>
<div>
<span style="font-size: x-small;"><br /></span></div>
<br />
hxxp://www.guntenlauf.at/<br />
hxxp://www.circuitnoize.at<br />
hxxp://www.nikolabartenbachkunst.at<br />
hxxp://www.awesome-riders.at<br />
hxxp://www.strahlemannrockt.de/<br />
<br />
<div style="text-align: justify;">
also registration of the above domains did happen on the same consecutive days. This is just a small specific example of how actors operate to create FAKE shops with pre-built kits and to host them under previously used domains and TLDs they might be familiar with in terms of language or target market.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
In order to avoid sensibilities with the above examples with google images, I have tried to avoid showing websites targeting specific brands. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The fact that by looking those quite specific unique codes found in the html code of the FAKE sites, did raise just a few or none results on a google search but instead did raise results on the search image product, made me to explore some possibilities which after few tests were proved true: <b><u>the google image search product open the door to thousands of results of FAKE websites offending literary every brand which might be counterfeited</u></b>. These results while there are not available in the SERPs (at least not visible in the first pages), they are fully available through google search images:</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6iodQKCMaal7Hfdd41EKKCFPpVtBI8Y2-2eV_7b3_UhKIbY5ShXcd_W4MG0G4m6_dNo94xsrKPIxT2W8DMvZBDVcrihmx9Y7Cxk-Aw2O9WMrI-KPKX6wh2myoGLyZWMmyIjLt4bbVm7E/s1600/Screen+Shot+2019-09-25+at+4.39.00+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="603" data-original-width="818" height="470" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6iodQKCMaal7Hfdd41EKKCFPpVtBI8Y2-2eV_7b3_UhKIbY5ShXcd_W4MG0G4m6_dNo94xsrKPIxT2W8DMvZBDVcrihmx9Y7Cxk-Aw2O9WMrI-KPKX6wh2myoGLyZWMmyIjLt4bbVm7E/s640/Screen+Shot+2019-09-25+at+4.39.00+PM.png" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Google image results leading to FAKE websites owned by online counterfeiters.</span></div>
<br />
<br />
<div style="text-align: justify;">
I have omitted any specific brand logo or trademark name buy as you can see above, a typical google search image might led to FAKE websites. <b>All those websites were categorized as FAKE by the online tool</b> <a href="http://desenmascara.me/">desenmascara.me</a> due to all of them having the red flags recommended by Europol to detect fraudulent websites. Also note that the <a href="https://www.mywot.com/">web of trust</a> icon (the green icon close to the website address) does not indicate any danger or suspicious flag, when actually, any user who would purchase items on any of those websites might be:</div>
<ul>
<li style="text-align: justify;">Lured and will not receive anything</li>
<li style="text-align: justify;">Lured and will receive a counterfeit item</li>
<li style="text-align: justify;">Lured and their personal information will be misuse to feed this online fraud</li>
<li style="text-align: justify;">Lured and their credit card details will be stolen</li>
</ul>
<div style="text-align: justify;">
In resume, users being directed towards these websites might be lured by the online counterfeiters.</div>
<div>
<br /></div>
<div style="text-align: justify;">
To finalize, as already mentioned, this might be a grey area, but the true reality is that is not so difficult to detect and flag FAKE websites. Google has hundreds of PHDs working in Mountain View, Zurich and around the world to work on hard problems. Maybe this problem doesn't make the cut of the priority list right now?. Based on the World Economic Forum (WEF), <a href="http://www3.weforum.org/docs/WEF_State_of_the_Illicit_Economy_2015_2.pdf">online counterfeiting is part of one of the top illicit trades of the 21st century</a>, along with drug trafficking, human trafficking, diamonds and few others. It is in the best interest of users, the brands affected and the society in general (terrorism finance, tax evasion, child work, poor conditions...) to keep these counterfeit sellers out of the Internet. We just need the will, proactivity and cooperation to tackle this online fraud.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<b>Disclaimer</b>: off course, I have a vested interest in taking these counterfeit websites out of Internet. I just want to test my proof of concept project at scale to show how this problem might be solve.</blockquote>
<div style="text-align: justify;">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-71527491066085305262019-08-19T00:35:00.003+02:002019-08-19T00:49:15.004+02:00How to prevent Business Email Compromise (BEC) fraud ?<div style="text-align: justify;">
O en español; como prevenir el fraude del CEO.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The past year the <a href="https://www.ic3.gov/media/2018/180712.aspx">FBI published an alert</a> pointing out that the BEC fraud exceed $12 billion globally.</div>
<div style="text-align: justify;">
The report was based on data collected by the FBI´s Internet Crime Complaint Center (IC3), international law enforcement and financial institutions between October 2013 and May 2018. The amounts represent both money that was actually lost by victims and money they could have lost had they taken the bait.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Many of these attacks are skillfully crafted. Criminals lurking on websites and social media con uncover plenty of information for fine-tuned spear phishing emails: who suppliers are, what the management structure is, who is receiving new business pitches or expansion plans, etc. Executive travel plans are particularly useful for scenarios like this since the urgency of a task can be inflated from abroad: "I'm in Singapur and we need to make a payment ASAP to this supplier or we risk losing it. Don't delay - please wire these funds immediately."</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
How this fraud could be prevented?:</div>
<div style="text-align: justify;">
<br /></div>
<ol>
<li style="text-align: justify;">To train your leadership, specially in finance about the risks associated with these kind of attacks, methods of detection and manual authentication.</li>
<li style="text-align: justify;">Methods of detection will include to be vigilant to:</li>
<ul>
<li style="text-align: justify;">Pressure and a sense of urgency</li>
<li style="text-align: justify;">Unusual request in contradiction with internal procedures</li>
<li style="text-align: justify;">Typosquatted domains similar to your company (@R0CHE.COM instead of @ROCHE.COM)</li>
</ul>
<li style="text-align: justify;">To use <a href="https://dmarc.org/">DMARC</a>. Domain-based Message Authentication, Reporting & Conformance, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author ("From:") domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.</li>
</ol>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
You can check wether you organization has DMARC in place or not just by typing the domain part of your mail address into this <a href="https://dmarcguide.globalcyberalliance.org/#/">resource</a>.</div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5QoIrZgQstjrVjOZSKDxLbXfPBCJz_8ZSbcUPY1MXkLu8gkU7QA_nzWgVzxJWjPU5jnNWV3ammTvPyXIofewMCsVPGlf-dfLPxovwHmjmnHlisq8R5MPOfu5zHmxk56UcNlyiXzJjhvk/s1600/Screen+Shot+2019-08-19+at+12.27.18+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="583" data-original-width="988" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5QoIrZgQstjrVjOZSKDxLbXfPBCJz_8ZSbcUPY1MXkLu8gkU7QA_nzWgVzxJWjPU5jnNWV3ammTvPyXIofewMCsVPGlf-dfLPxovwHmjmnHlisq8R5MPOfu5zHmxk56UcNlyiXzJjhvk/s400/Screen+Shot+2019-08-19+at+12.27.18+AM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">DMARC check compliance for the gmail.com domain</span></div>
<br />
<br />
<br />
<div style="text-align: justify;">
Basically, DMARC is a technology that allows you to confirm whether an email is from the organization it claims to be from. This technology will not help you in cases where the corporate email has been compromised, and the attacker has full access to the mail account of the person in finance. Obviously this approach would require much more effort.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Since June 2016, the Global Cyber Alliance (GCA) has been working to accelerate adoption of DMARC through advocacy, by providing a <a href="https://www.globalcyberalliance.org/dmarc/">set of easy-to-use tools</a> and campaigns to drive deployement. GCA also measured the economic impact on this <a href="https://www.globalcyberalliance.org/wp-content/uploads/GCA-ROI-FULL-report-102618.pdf">report</a>. The benefits to deploy DMARC in your company are clear. What are you waiting for?</div>
<div style="text-align: justify;">
<br /></div>
<br />
<br />
<br />
<div style="caret-color: rgb(51, 51, 51); color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-88183321850458831542019-08-07T23:39:00.001+02:002019-08-07T23:39:45.363+02:00Criminal activity involving counterfeiting and the professionalised organized crime networksRecently, the first EU-wide intellectual property crime threat assessment from Europol and the European Union Intellectual Property Office (<a href="https://euipo.europa.eu/ohimportal/en" style="box-sizing: border-box; caret-color: rgb(34, 34, 34); color: #008fff; font-family: robotolight, sans-serif; font-size: 15.699999809265137px; line-height: inherit; text-decoration: none; transition: background-color 0.3s ease, color 0.3s ease;">EUIPO</a>) was published. <a href="https://www.europol.europa.eu/newsroom/news/new-threat-assessment-confirms-links-between-counterfeiting-and-organised-crime-in-eu">Press release by Europol</a>.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7GCoulhFMV9sC44lqpX459vp9wT06IdkjsqeX1r2YP9y8HPZBCjkFdWGcOeqJgTKe4hdGrmVmamclQblQM6HXwB4D3IC9uvAja9PBWw8x13cy5Q9Jx4p0pt_IDvEiHWU8Pb0o1qQwRpI/s1600/Screen+Shot+2019-07-08+at+10.58.58+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="750" data-original-width="901" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7GCoulhFMV9sC44lqpX459vp9wT06IdkjsqeX1r2YP9y8HPZBCjkFdWGcOeqJgTKe4hdGrmVmamclQblQM6HXwB4D3IC9uvAja9PBWw8x13cy5Q9Jx4p0pt_IDvEiHWU8Pb0o1qQwRpI/s400/Screen+Shot+2019-07-08+at+10.58.58+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<a href="https://euipo.europa.eu/tunnel-web/secure/webdav/guest/document_library/observatory/documents/reports/2019_IP_Crime_Threat_Assessment_Report/2019_IP_Crime_Threat_Assessment_Report.pdf">Report available</a></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The report contains 40 pages of insights about criminal activity involving counterfeiting and the professionalised organized crime networks, which can reap large profits while running relatively few risks. It was created with EU-wide data and strategic intelligence analysis. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Below are the main points I would highlight on this report:</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Metrics related:</b></div>
<div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>Counterfeit and pirated goods could make up as much as 6.8 % of EU imports, amounting to EUR 121 billion </li>
<li>In 2016, up to 6.8 % of EU imports constituted counterfeit and pirated goods, amounting to as much as EUR 121 billion. Compared to 5 % in 2013, this is a sharp increase in three years1. </li>
<li><div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
The economic impact of counterfeit clothing and personal accessories is particularly high. It is estimated that counterfeiting causes losses of around EUR 26 billion per year to the clothing, footwear and accessories sector13 and around EUR 2 billion a year to the jewellery and watches sector in the EU14. </div>
<div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
<br /></div>
</li>
</ul>
<div>
<br /></div>
<div>
<b>Facts related:</b></div>
<div>
<ul>
<li><div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
Although shipment of counterfeit goods to the EU still occurs largely in bulk by freight transport, in recent years there has been a strong increase in express transport. This sharp growth in trade via small parcels is related to the growth in online marketplaces selling counterfeit goods </div>
<div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
<br /></div>
</li>
<li><span style="color: #454545; font-family: "helvetica neue"; font-size: 12px;">Besides the traditional luxury items, a wide range of everyday goods are targeted by counterfeiters. This includes cosmetics, electronic components, food and drinks, pesticides, pharmaceuticals, tobacco products, toys and vehicle parts. </span></li>
</ul>
<div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>A growing number of counterfeit pharmaceuticals are detected in small parcels, facilitated by a continuous expansion of unauthorised and unregulated online pharmacies. </li>
</ul>
<br />
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>The market for counterfeit goods remains highly profitable, providing criminals with opportunities to generate huge profits while running few risks. Most criminal activity involving counterfeiting is undoubtedly performed by organised crime groups and there appears to be an overall professionalisation of these groups. </li>
</ul>
<br />
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>Counterfeiting and piracy are lucrative criminal activities, while at the same time generating relatively low detection risks. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>several EU Member States have in recent years decreased their focus on fighting IP crime, in favour of other criminal activities that are deemed more serious and harmful, such as drugs trafficking, migrant smuggling, trafficking in human beings, and terrorism </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>Online marketplaces are increasingly becoming an important source of income for criminal groups engaged in the sale of counterfeit and pirated goods. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>In a series of studies conducted by the EUIPO over the last few years, the direct annual losses of 13 market sectors that are particularly vulnerable to counterfeiting have been estimated. Collectively, these sectors lose EUR 60 billion a year, or 7.5 % of their total sales. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>However, despite the large number of counterfeit clothes and shoes that are sold online, they are also still commonly sold on the streets of certain cities and in popular tourist areas. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>A particularly worrisome development is that some of the jihadist terrorist attacks in the EU in recent years were partially financed by selling counterfeit clothing and shoes, although the most prominent example of this already stems from 2015. The Kouachi brothers, responsible for the terrorist attack on the Charlie Hebdo office, had been involved in selling counterfeit sports shoes. They had paid for the shoes via international payment services and imported them via parcel service from China. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>Other criminal acts that are commonly committed by counterfeiting organised crime groups are excise fraud and VAT fraud. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>Criminals are increasingly offering counterfeit goods through social media networks using specific URLs that can be hard to identify by law enforcement authorities. </li>
</ul>
</div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>A common modus operandi for online counterfeiters is to re-register previously used legitimate domain names, also referred to as cybersquatting. Domain names that have previously been used for a wide variety of purposes, including those used by commercial businesses, embassies or politicians, are systematically re-registered to operate as e-shops selling counterfeit goods. This reuse of legitimate websites ensures consistent internet traffic towards these e-shops41. </li>
</ul>
</div>
<div>
<br /></div>
<div>
<b>Security related:</b></div>
<div>
<br /></div>
<div>
<div style="font-family: "Helvetica Neue"; font-stretch: normal; line-height: normal;">
</div>
<ul>
<li>While consumers are attracted to these kind of websites by the free content they can find there, in many cases these same websites are used to target exactly those types of consumers with phishing attempts or the dissemination of malware. It is estimated that one in four persons who stream illegally through a box or stick are affected by a virus or malware. Different kinds of malware and potentially unwanted programmes (PUPs) have been found on suspected websites sharing copyright-infringing content for free, which use deceptive techniques and social engineering to trick consumers into sharing sensitive personal information or even payment card details. This includes many PUPs for the Android OS, reflecting the growing popularity of mobile devices. </li>
</ul>
</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<br /></div>
<div style="color: #454545; font-family: "Helvetica Neue"; font-size: 12px; font-stretch: normal; line-height: normal;">
<br /></div>
<div>
</div>
<ul>
</ul>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-19902640895504801912019-06-10T19:42:00.001+02:002019-06-10T19:45:40.560+02:00Captchas being used by online counterfeiters to protect their FAKE webs<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaei3WhKHJQ9I8M_hv276KO-DeraTKiVEvcX1n-xfxrHqyyvW0KSLXFZ9ERTfAPcmI4pg-fHtfGkMMNy-ob7f4O77RNTbmOEszr8SetHlk-6va483IMNHHj9CRYM662NRos5Gy6PE8j4/s1600/Screen+Shot+2019-06-10+at+7.34.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="212" data-original-width="684" height="198" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaei3WhKHJQ9I8M_hv276KO-DeraTKiVEvcX1n-xfxrHqyyvW0KSLXFZ9ERTfAPcmI4pg-fHtfGkMMNy-ob7f4O77RNTbmOEszr8SetHlk-6va483IMNHHj9CRYM662NRos5Gy6PE8j4/s640/Screen+Shot+2019-06-10+at+7.34.55+PM.png" width="640" /></a></div>
<br />
This is a new technique spotted by <a href="http://desenmascara.me/">desenmascara.me</a>. After digging a bit about the reason of some FAKE websites from different brands, being not flagged as such by desenmascara.me, I stumbled upon this new technique.<br />
<br />
<a href="https://de.wikipedia.org/wiki/Captcha">Captchas</a> are mainly used as a security check to ensure only human users can pass through, usually used in form submissions, or online tools to avoid bots or any automatic misuse.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeGCiYsR5oKxmEtxXiJXLjUxXBlu2zvxbidx3k6kVvC6lcM8C59uKEu7Id0g7-HFpsEozD1F5h4GzpzrtyDPhTBbW2oI088LqVk1wQV-xzgx2GditiGerCeAYDD-5QwNF7WX0ksr7hBTs/s1600/Screen+Shot+2019-06-10+at+7.44.01+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="757" data-original-width="1116" height="271" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeGCiYsR5oKxmEtxXiJXLjUxXBlu2zvxbidx3k6kVvC6lcM8C59uKEu7Id0g7-HFpsEozD1F5h4GzpzrtyDPhTBbW2oI088LqVk1wQV-xzgx2GditiGerCeAYDD-5QwNF7WX0ksr7hBTs/s400/Screen+Shot+2019-06-10+at+7.44.01+PM.png" width="400" /></a></div>
<br />
<a href="http://desenmascara.me/">Desenmascara.me</a> has included a new check to bypass this "protection" implemented recently by the online counterfeiters in their FAKE webs.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKduwXGEdGxNoa3dOtr146R33thC3CAdzNaVvfGfdzGDUzGwzkVQRDoD-TybT6fTJCHufdIqPmIutkDJZt3GdBrpUPkzjtM3RqZ762qhZTiQhZvOZUnRFl9Ll2Qpj8Ss1Dg9OSriB4pfo/s1600/Screen+Shot+2019-06-10+at+7.45.02+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="265" data-original-width="648" height="162" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKduwXGEdGxNoa3dOtr146R33thC3CAdzNaVvfGfdzGDUzGwzkVQRDoD-TybT6fTJCHufdIqPmIutkDJZt3GdBrpUPkzjtM3RqZ762qhZTiQhZvOZUnRFl9Ll2Qpj8Ss1Dg9OSriB4pfo/s400/Screen+Shot+2019-06-10+at+7.45.02+PM.png" width="400" /></a></div>
<br />
I keep improving <a href="http://desenmascara.me/">desenmascara.me</a> with the goal to become the only URL engine being able to spot any kind of FAKE website related with the counterfeiting. If you have any tips or feedback to improve this online service, please do let us know. Many thanks!Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-19909738462761364392018-09-03T23:28:00.000+02:002018-09-03T23:31:02.379+02:00Desenmascara.me at Blackhat USA arsenal 2018The past month took place the Black Hat conference 2018 in Las Vegas.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjH4gZz-sSJ5q3AmV_AbpoBaWg-1Fl1KbeQreQcxuzGvrxOnx2NyDkk_lJTDeqYfpkLuxaa1aMfxFefqB3Y96FDyhEPLMie4cXYDAuJxjvHwyIwxpxYg11FUrFy_d064DW75R8Hy3yc__M/s1600/BHUSA2018_2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="600" data-original-width="1280" height="299" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjH4gZz-sSJ5q3AmV_AbpoBaWg-1Fl1KbeQreQcxuzGvrxOnx2NyDkk_lJTDeqYfpkLuxaa1aMfxFefqB3Y96FDyhEPLMie4cXYDAuJxjvHwyIwxpxYg11FUrFy_d064DW75R8Hy3yc__M/s640/BHUSA2018_2.jpg" width="640" /></a></div>
<br />
I had the great opportunity to demoed the web tool to track online counterfeiters: <a href="http://desenmascara.me/">desenmascara.me</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyeB-lpyJ5f9lkKciV2FAw1jH3Y-x_OCvdX_grA7d3WBbgL3SzCCgzbrWzs6wiXwfS5Po6wfXA-WthBUyxfyAFahvqgE2dWaf56ifAxgEYpYpoypoZhOEmyT30vpdk5PnKtlOBKRLUvAk/s1600/Screen+Shot+2018-08-13+at+5.07.48+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="97" data-original-width="485" height="80" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyeB-lpyJ5f9lkKciV2FAw1jH3Y-x_OCvdX_grA7d3WBbgL3SzCCgzbrWzs6wiXwfS5Po6wfXA-WthBUyxfyAFahvqgE2dWaf56ifAxgEYpYpoypoZhOEmyT30vpdk5PnKtlOBKRLUvAk/s400/Screen+Shot+2018-08-13+at+5.07.48+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">x</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg40A0BvYtp45iOkrjmujX3UaISEwHuhRySLBkEXGwvnRtdmwKe82HtMtd54ZqX6Fe4OEA4_XL-aKpWg55OnBfZFHCAc7AFfbsCWQhIs1-Hoy4L9oLj_RxriScWRhT3RLoI-QEzLye_lNc/s1600/Screen+Shot+2018-08-13+at+5.27.25+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="395" data-original-width="803" height="313" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg40A0BvYtp45iOkrjmujX3UaISEwHuhRySLBkEXGwvnRtdmwKe82HtMtd54ZqX6Fe4OEA4_XL-aKpWg55OnBfZFHCAc7AFfbsCWQhIs1-Hoy4L9oLj_RxriScWRhT3RLoI-QEzLye_lNc/s640/Screen+Shot+2018-08-13+at+5.27.25+PM.png" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;"><a href="https://www.blackhat.com/us-18/arsenal/schedule/index.html#desenmascarame-how-to-track-online-counterfeiters-12009">https://www.blackhat.com/us-18/arsenal/schedule/index.html#desenmascarame-how-to-track-online-counterfeiters-12009</a></span></div>
<br />
<div style="text-align: center;">
<br /></div>
<div style="text-align: justify;">
Though I had already presented the tool in Black Hat Europe in Amsterdam around 3 years ago, this conference was totally different in the way that only americans know how to do: <i>great shows!!</i>.</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRLH5aX-OiK_qWA0OV55FYTaJCQbUVU0Cuvkj9cRb2CmC0ddBIkJHSOPONekna1XnDZg2F-GzSRaUlQdL-o4BDSsaEWcVzBT9sUqReqdWaPoqLoHlkgbtQCu8iKGxR7T_5QSrgC_dfQeM/s1600/DkF9ANFV4AAlChR.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="600" data-original-width="1200" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRLH5aX-OiK_qWA0OV55FYTaJCQbUVU0Cuvkj9cRb2CmC0ddBIkJHSOPONekna1XnDZg2F-GzSRaUlQdL-o4BDSsaEWcVzBT9sUqReqdWaPoqLoHlkgbtQCu8iKGxR7T_5QSrgC_dfQeM/s640/DkF9ANFV4AAlChR.jpg" width="640" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Photo courtesy of <a href="https://twitter.com/Fox0x01/status/1027239638560256000">Azeria</a></span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
I must admit I was a bit overwhelmed with this great conference and I did miss a lot of talks and events I would like to have assisted cause they took place at the same time and the hurdle of preparing the presentation/demo. Anyhow this is what experience is, for next editions I will organize better my schedule and must-go talks.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
I was thrilled to have the opportunity of presenting my side project <b><a href="https://desenmascara.me/">to track online counterfeiters</a> </b>within such remarkable environment. Many thanks to the Arsenal organizers for which seems was the biggest edition of arsenal tools!!.</div>
<div style="text-align: justify;">
<br /></div>
<blockquote class="tr_bq">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCEIylqE9nqE1cxsm0xiDH8QvAwsUltjRqJ1ZKeah3DSABZYIVMWt5mrF9vLiqmK459Eu32t68BDygh2B4yBXre63OvF_MOKNZEhkOflxNT-XzEfecW99eGeRuzOk1Cxfg09HVAlZgMuw/s1600/Screen+Shot+2018-09-03+at+11.25.35+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="674" data-original-width="814" height="529" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCEIylqE9nqE1cxsm0xiDH8QvAwsUltjRqJ1ZKeah3DSABZYIVMWt5mrF9vLiqmK459Eu32t68BDygh2B4yBXre63OvF_MOKNZEhkOflxNT-XzEfecW99eGeRuzOk1Cxfg09HVAlZgMuw/s640/Screen+Shot+2018-09-03+at+11.25.35+PM.png" width="640" /></a></blockquote>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="text-align: justify;">
<br /></div>
<br />
<br />
<br />
<br />
<br />
<div>
<br /></div>
<br />
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-24449737867435402452018-05-04T14:54:00.000+02:002018-12-10T08:58:39.999+01:00Advanced security analytics approaches<br />
<div>
This is a live post which I will keep updating for my own reference.</div>
<div>
<br /></div>
<ul>
<li><a href="https://link.springer.com/chapter/10.1007/11510888_52">Signature-based approaches</a> are the oldest and most common approaches to detect security intrusions within a networked computing environment.</li>
<li><b><a href="https://en.wikipedia.org/wiki/Behavioral_analytics">Behavioral analytics</a></b>: Its a branch of business analytics where known patterns are applied to discover malicious behavior.</li>
<li><a href="https://en.wikipedia.org/wiki/Anomaly_detection">Anomaly detection</a>: Also know as outlier detection, uses statistical profiling to build a historical baseline. It alerts on deviations from established baselines that conform to a potential attack vector.</li>
<li><b>Cross-device correlation</b>: also known as <a href="https://en.wikipedia.org/wiki/Event_correlation">event correlation</a> refers to a technique where an IDS alert can be correlated with a huge number of firewall alerts to pinpoint events that are really important within a scenario where a massive amount of alerts take place.</li>
<li><b>Kill-chain detection</b>: is an intrusion-based methodology that allows one to focus on the different stages of an attack. This methodology was developed by <a href="https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html">Lockheed-Martin</a>.</li>
<li><b>Integrated threat intelligence</b>: this might be similar to the signature-based approach but more agile and supported through industry partnerships. It looks for known bad actors by leveraging global threat intelligence from multiple and disparate feeds. </li>
</ul>
<div>
Every approach would have a goal to catch either suspicious or malicious activity. The ideal catch -<i>and also the most complicated</i>- would be an abstract set of behaviors that an adversary is using. Based on David Bianco´s <a href="http://detect-respond.blogspot.com.es/2013/03/the-pyramid-of-pain.html">Pyramid of pain diagram</a>, that´s the adversary´s tactics, techniques and procedures (TTPs). This is the ideal detector based on <a href="https://redcanary.com/blog/detection-engineering/">Red Canary´s detection engineering team</a>.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgftZ_XE3bE3aeVvwcqLT1DPklFEza5u_tdBbwwgyV6nBJFxocLZjGcyAaixpuwACvw5Yy1CpgEtDwfXYa0-npsvlxYlRS_gcS7uvQl1w6wzr3cC669OnOIGHAD6KRSVb9UfhM90LRYQs0/s1600/Screen+Shot+2018-05-15+at+1.02.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="355" data-original-width="878" height="257" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgftZ_XE3bE3aeVvwcqLT1DPklFEza5u_tdBbwwgyV6nBJFxocLZjGcyAaixpuwACvw5Yy1CpgEtDwfXYa0-npsvlxYlRS_gcS7uvQl1w6wzr3cC669OnOIGHAD6KRSVb9UfhM90LRYQs0/s640/Screen+Shot+2018-05-15+at+1.02.42+PM.png" width="640" /></a></div>
<br />
<br />
However, regardless of the approaches used, <a href="https://www.channelpartnersonline.com/2018/02/12/mssps-wasting-time-on-false-positive-security-alerts/">the truth is that within MSSP environments</a> (with an overwhelming amount of security alerts) there is a huge amount of wasted time and resources processing useless security alerts, and many often either reduce the sensitivity of security personnel or ignore alerts altogether. <b>Which could be the best solution?</b>, that is a hard question, while innovative approaches to avoid pitfalls of alert fatigue and other SOC challenges as <a href="https://www.linkedin.com/pulse/socless-detection-team-netflix-alex-maestretti/">SOCless detections</a> might be suitable for some environments they are not intended for MSSP environments. The best advice I have ever seen on this area to improve MSSP capabilities <a href="https://blogs.gartner.com/augusto-barros/2018/01/30/the-working-with-an-mssp-tome-is-here/">is this</a>:<br />
<blockquote class="tr_bq">
<i><span style="background-color: white; color: #333333; font-family: "arial" , "helvetica" , sans-serif; font-size: 13px;">I had countless conversations with organizations complaining about the false positives sent by the MSSP. But it’s impressive how many of them are not prepared to report back those events to the provider in a way that would allow them to tune their systems and avoid a similar occurrence in the future. This is a recurrent theme in this document: You </span><strong style="color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 13px; margin: 0px; padding: 0px;">MUST WORK WITH THE MSSP</strong><span style="background-color: white; color: #333333; font-family: "arial" , "helvetica" , sans-serif; font-size: 13px;">, not expect them to figure everything out alone.</span></i></blockquote>
<div style="text-align: center;">
<span style="background-color: white; color: #333333; font-family: "arial" , "helvetica" , sans-serif; font-size: 13px;"><i>Augusto Barros. Research VP at Gartner.</i></span></div>
<br />
<br /></div>
<div>
<br />
But obviously to talk about security alerts without having an incident response plan in place is fruitless. Some companies contract MSSP services just as a checkbox where every security alert escalated, regardless of its accuracy would go to a black hole. This might be due to either a lack of security awareness within the company (lack of CISO roles) or due to budgetary reasons. In the last case, usually the IT personnel can not cope with security related work, again either due to an excessive work-load or lack of knowledge. The optimal situation would be a company with a security incident response plan in place (see <a href="https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-61r2.pdf">NIST 800-61</a>),<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXgR2x4b6epFtwLplCqSU8jFDmSL4T6dlY_5XSBDTuu_M5Li_S-Vksqv05pqxJPrYhHt2s58YvMsyc8_IBljPo10G362lmQehpjItkMkWMSt_5Su8pdhG6Bqw-3-6_HgbQN1tElcIrm-w/s1600/Screen+Shot+2018-05-15+at+3.22.32+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="490" data-original-width="978" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXgR2x4b6epFtwLplCqSU8jFDmSL4T6dlY_5XSBDTuu_M5Li_S-Vksqv05pqxJPrYhHt2s58YvMsyc8_IBljPo10G362lmQehpjItkMkWMSt_5Su8pdhG6Bqw-3-6_HgbQN1tElcIrm-w/s400/Screen+Shot+2018-05-15+at+3.22.32+PM.png" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">Incident response phases defined in NIST 800-61</span></div>
<br />
In such optimal situations, a company whose security service is provided by an MSSP would know what to do and how to act (through defined playbooks) regarding every security alert they would receive by the MSSP.<br />
<br />
<b>Mini-paper </b>released recently: <a href="https://github.com/d3sre/Use_Case_Applicability/blob/master/UseCaseApplicability-Paper.pdf">Improving security incident quality in SOCs with resolution categories.</a><br />
<br /></div>
<div>
Related external links:</div>
<div>
<a href="https://docs.microsoft.com/en-us/azure/security-center/security-center-detection-capabilities">https://docs.microsoft.com/en-us/azure/security-center/security-center-detection-capabilities</a></div>
<div>
<a href="https://www.sans.org/reading-room/whitepapers/infosec/detecting-preventing-attacks-earlier-kill-chain-36230">https://www.sans.org/reading-room/whitepapers/infosec/detecting-preventing-attacks-earlier-kill-chain-36230</a><br />
https://www.ecb.europa.eu/pub/pdf/other/ecb.tiber_eu_framework.en.pdf<br />
https://redcanary.com/blog/common-siem-issues/<br />
<br />
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-9436358818565293552018-04-17T00:36:00.002+02:002018-04-21T00:09:37.644+02:00Fortinet I hope that we all do not fall for one of these one day<div style="text-align: justify;">
This post of <b><i>Fortinet</i></b> called my attention: <a href="https://www.fortinet.com/blog/threat-research/you-will-fall-for-this-one-day---.html">You will fall for this one day</a>. I could not believe that a <a href="https://ctftime.org/ctf-wtf/">CTF</a> player was the victim of a counterfeit-related web showed through and ads in <b><i>Facebook</i></b>. It is not my intention to put guilt on the victim but instead to highlight that if a savvy-technical guy can be lured by the online counterfeiters, the chances for an average Internet user to avoid this fraud are quite low.</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif2immy0N6YmIlqDxmL6bYsvOw89OXzdFMi3LjDoPjwatCP5P6ay5olDl9MejTEarPhkIYBHj0QCGfdxQTrCXhomtPdzuXFbFKhWu0ZrnpLydS2HEI50U6Ps0GGhXFFpPYxLdN2dP6Uis/s1600/Screen+Shot+2018-04-16+at+11.20.32+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="604" data-original-width="557" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif2immy0N6YmIlqDxmL6bYsvOw89OXzdFMi3LjDoPjwatCP5P6ay5olDl9MejTEarPhkIYBHj0QCGfdxQTrCXhomtPdzuXFbFKhWu0ZrnpLydS2HEI50U6Ps0GGhXFFpPYxLdN2dP6Uis/s320/Screen+Shot+2018-04-16+at+11.20.32+PM.png" width="295" /></a></div>
<div style="text-align: center;">
<a href="https://www.fortinet.com/blog/threat-research/you-will-fall-for-this-one-day---.html"><span style="font-size: x-small;">Ref: Fortinet blog</span></a></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: justify;">
The article is quite good describing how these scams usually work and the tactics of the online counterfeiters in relation to a carefully-chosen website name, as described in the <a href="https://www.sans.org/reading-room/whitepapers/detection/tracking-online-counterfeiters-37697">Tracking online counterfeiters paper</a>, in order to lure to their victims.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Also to my surprise, near to the conclusion of the article I could read -the bold sentence of the paragraph below:</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjImlOVlyWjKijqgev9MuRnKsmimSvGKv4NeOa7yPCvZdoaxQpFEfih9U16B16UAas4tE4m4U3dmh8S1AjsgsRKg5ShxhH2FBxHHgted1bgjJ6Fj8sbKI9QtpGN4BqQ6z39FGqCeOWB37U/s1600/Screen+Shot+2018-04-16+at+11.26.41+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="78" data-original-width="938" height="52" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjImlOVlyWjKijqgev9MuRnKsmimSvGKv4NeOa7yPCvZdoaxQpFEfih9U16B16UAas4tE4m4U3dmh8S1AjsgsRKg5ShxhH2FBxHHgted1bgjJ6Fj8sbKI9QtpGN4BqQ6z39FGqCeOWB37U/s640/Screen+Shot+2018-04-16+at+11.26.41+PM.png" width="640" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The CTF player reported the website to the affected brand, Salomon in this case. This is a good action on their side but its a drop in the Ocean. <b>The <a href="http://desenmascara.me/">desenmascara.me</a> project, through its <a href="https://twitter.com/desenmascarame">twitter account</a>, has alerted -so far- around 10.000 times to 142 different brands being affected by online counterfeiters. </b>Though the number of counterfeit-websites detected by this side project is higher but due to API twitter restrictions, not all websites detected are automatically tweeted.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
But the article had more surprises as in relation to the <i>Fortinet</i> approach to cope with this fraud:</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKF54ygWpsaUI9AGBc1cv8MCZc-IJd0ZUAzJmY8dsq3VRG_l52qFI_X1ZvIF6mSjlwUmcPLlENRctCXLpw6M2yJsPEijfwi1T_lpTFgqhnfmiZYiipR6c0LmIUDx1Tvf5SyWazAYCzKu0/s1600/Screen+Shot+2018-04-16+at+11.42.29+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="80" data-original-width="746" height="68" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKF54ygWpsaUI9AGBc1cv8MCZc-IJd0ZUAzJmY8dsq3VRG_l52qFI_X1ZvIF6mSjlwUmcPLlENRctCXLpw6M2yJsPEijfwi1T_lpTFgqhnfmiZYiipR6c0LmIUDx1Tvf5SyWazAYCzKu0/s640/Screen+Shot+2018-04-16+at+11.42.29+PM.png" width="640" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
While is great to see how some security vendors are taking into account these kind of fake websites luring users, yet the "<i>phishing</i>" categorization might not be accurate enough as to highlight this massive online fraud. As pointed out in the mentioned paper about "<b>Tracking online counterfeiters</b>" to have a specific categorization for this specific fraud will help to raise awareness among users and also to create alliances with other stakeholders to fight it. But this is a not-so-easy battle as even <a href="https://www.kaspersky.com/about/press-releases/2016_the-black-friday-heist">Kaspersky call it phishing</a>. <b>The reality behind such counterfeit-related webs is that rarely phishing is the goal but instead is a profit center through which victims transfer new capitals into the underground, and as a profit center, all the pieces of this ecosystem must work properly</b>:</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwji2QC58tagss_gFQz4Bh81H232iZlJS7_5IxqCPyMU7rLay9FL1RNDEJFYUm5M5ZdIExq1cxBSbvw69lgqzMrLbC-vzOw-wwCNIEd29X67l9EF3cKfI4GrDJJZTE-LAgs4OTebID9K4/s1600/Screen+Shot+2018-04-16+at+11.59.04+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="690" data-original-width="1258" height="348" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwji2QC58tagss_gFQz4Bh81H232iZlJS7_5IxqCPyMU7rLay9FL1RNDEJFYUm5M5ZdIExq1cxBSbvw69lgqzMrLbC-vzOw-wwCNIEd29X67l9EF3cKfI4GrDJJZTE-LAgs4OTebID9K4/s640/Screen+Shot+2018-04-16+at+11.59.04+PM.png" width="640" /></a></div>
<div style="text-align: center;">
<a href="https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/43798.pdf"><span style="font-size: x-small;">Framing dependencies introduced by underground commoditization</span></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div class="page" title="Page 3">
<div class="layoutArea">
<div class="column">
</div>
</div>
</div>
<div style="text-align: justify;">
Also to assess that FortiGuard customers are protected from this scam cause the website has been classified and blocked is a very valid (but weak) point to show value over other vendors not being able to recognize this online fraud:</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAFPfHysWnDWPEmfapqF96CpoBBINthF1KLc0C-0V__oUlppIhJIB4gIWiSpKk8vgURvamayLSKV_10ycFwH315-aVdWLZlrMSxz9iaowOS6aO6jtE198uPuHECNtojgdLVEWtvLrHCKI/s1600/Screen+Shot+2018-04-17+at+12.08.36+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="758" data-original-width="927" height="326" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAFPfHysWnDWPEmfapqF96CpoBBINthF1KLc0C-0V__oUlppIhJIB4gIWiSpKk8vgURvamayLSKV_10ycFwH315-aVdWLZlrMSxz9iaowOS6aO6jtE198uPuHECNtojgdLVEWtvLrHCKI/s400/Screen+Shot+2018-04-17+at+12.08.36+AM.png" width="400" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: center;">
<a href="https://www.virustotal.com/#/url/51cee5081a3f9b2535419d60270b3a96469ae1e16b7b860dbc9f6737fe1c1b99/detection">VirusTotal result</a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
But the reality is that a more wider approach is needed to cope with this massive online fraud. Just as an example taken from the fake website being blocked by Fortinet: <i>www.salocc.com</i></div>
<div style="text-align: justify;">
There are dozens of additional fake webs which belong to the same counterfeit-campaign (as noted by the use of the same infrastructure and website domain registration details):</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjodZlswLgAma0Lqs4uVCOzyr_5aA5be3kix8ww23y0C6XMhCjbzt9T1nIU6o-aHQRpXx3IwSX3CrMaMiQ4DhV0nOId2mUNdgSZXsQnqSooTwo8ON6JAzn8KFFGjbkg_os-KvVWNr7auS4/s1600/Screen+Shot+2018-04-17+at+12.14.36+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="771" data-original-width="644" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjodZlswLgAma0Lqs4uVCOzyr_5aA5be3kix8ww23y0C6XMhCjbzt9T1nIU6o-aHQRpXx3IwSX3CrMaMiQ4DhV0nOId2mUNdgSZXsQnqSooTwo8ON6JAzn8KFFGjbkg_os-KvVWNr7auS4/s640/Screen+Shot+2018-04-17+at+12.14.36+AM.png" width="534" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Are also all those fake websites detected and blocked by <i>Fortinet</i>?. The answer; at this point in time they are not, as showed below with a random fake web domain related to the same campaign:</b><br />
<b><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMeLZwlBuZzmNtpTXEfgZXyfVI-Ms7zhS369SWVntr67Uvul7LeLgg5UMVDZeEk_x51VLSVw3eJYHz2dBppTSK47oUuS__BWzS2mM3bNtTOJQxftBgEwMvlb0i9Ub3OP1v8tqAv7Djg6k/s1600/Screen+Shot+2018-04-17+at+7.36.05+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="762" data-original-width="864" height="564" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMeLZwlBuZzmNtpTXEfgZXyfVI-Ms7zhS369SWVntr67Uvul7LeLgg5UMVDZeEk_x51VLSVw3eJYHz2dBppTSK47oUuS__BWzS2mM3bNtTOJQxftBgEwMvlb0i9Ub3OP1v8tqAv7Djg6k/s640/Screen+Shot+2018-04-17+at+7.36.05+AM.png" width="640" /></a></div>
<b><br /></b>
<br />
<div style="text-align: center;">
<b><span style="font-size: x-small;"><a href="https://www.virustotal.com/#/url/108f7912e911027505fc54be59493ae4063243f3403bdc8cdd7cff25d0e6a693/detection">Fake domain not being detected by any vendor but by the side project desenmascara.me</a></span></b></div>
<b><br /></b>
<br />
As I said before, this is just a drop in the ocean. After researching this online fraud for years; publishing a paper about "<i>Tracking online counterfeiters</i>", <a href="http://blog.emiliocasbas.net/2018/02/invited-to-talk-at-europol-about.html">collaborating with Europol into joint operations</a> to take down websites related with this fraud, and also <a href="https://blog.domaintools.com/2018/02/how-to-uncover-a-massive-campaign-of-counterfeit-related-websites/">unveiling massive campaigns of counterfeit-related webs</a>, <b>the reality is that all the past estimations from different sources about the rising of this massive and underestimated online fraud are becoming true</b>. In order to tackle this online fraud a more holistic approach is needed, the technology to do it is already available but the only thing truly needed to cope with it is will.<br />
<br />
As stated in the last sentence of the "<a href="https://www.sans.org/reading-room/whitepapers/detection/tracking-online-counterfeiters-37697">Tracking online counterfeiters</a>" paper, the ultimate ambitious goal of this research and the <a href="http://desenmascara.me/">desenmascara.me</a> side project, is to protect users worldwide of this massive online fraud. How this could be achieved?: by having widely-used technologies like SafeBrowsing or alike flagging a new kind of unsafe sites: <b>FAKE websites related with the online counterfeiting.</b><br />
<b><br /></b>
<b>Therefore, Fortinet, I hope that we all do not fall for one of these one day.</b><br />
<b><br /></b>
<b><br /></b>
<b>P.D</b>: Unfortunately this is an underrated online fraud. This is feature request to Firefox: <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1326308">https://bugzilla.mozilla.org/show_bug.cgi?id=1326308</a> which was closed as "will not be fixed" cause they did not consider the topic relevant enough as to act upon it.</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-75260340500797525752018-04-08T11:29:00.000+02:002018-04-09T11:31:46.383+02:00RFC1918 IP Addresses in APT reports being used as IOCs by "Intelligence" providersThe title of this article was <a href="https://twitter.com/ecasbas/status/981784929519505408">published some days ago as a tweet</a>. Unfortunately by seeing the responses it seems this is not a so uncommon issue:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhynC7WSXZmtHfITyh62Boe3jqQ7ORQKFm8NRCC85BZ1ZRSH5pMHFYU_GAQhZfUFoHkgyydn4IQ0gJxkcFf3aWR7ENKG_rEzaQ27Bnfr0SB5u3XRfNigu0aGFvGzsbgnBYrt1lb2xNxSz8/s1600/Screen+Shot+2018-04-06+at+12.02.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="223" data-original-width="575" height="155" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhynC7WSXZmtHfITyh62Boe3jqQ7ORQKFm8NRCC85BZ1ZRSH5pMHFYU_GAQhZfUFoHkgyydn4IQ0gJxkcFf3aWR7ENKG_rEzaQ27Bnfr0SB5u3XRfNigu0aGFvGzsbgnBYrt1lb2xNxSz8/s400/Screen+Shot+2018-04-06+at+12.02.55+PM.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi68oA8aJHSVL0AHoERr3zV2oNzwvFsuyYMp3rszdAfsBwDZzuJgrmQFbR11lOYNvbEYkehcRy3I0QNbudNTn0vi7OvrYHP99szjgTUH7eQ53ooBa4wZL_5MCsQ0uLCbtgKJTAjQZuqwdY/s1600/Screen+Shot+2018-04-06+at+12.05.02+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="265" data-original-width="581" height="181" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi68oA8aJHSVL0AHoERr3zV2oNzwvFsuyYMp3rszdAfsBwDZzuJgrmQFbR11lOYNvbEYkehcRy3I0QNbudNTn0vi7OvrYHP99szjgTUH7eQ53ooBa4wZL_5MCsQ0uLCbtgKJTAjQZuqwdY/s400/Screen+Shot+2018-04-06+at+12.05.02+PM.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiRBOPfg2FL-Kaeg_5GH1v62mLid0LPfiXyLri7vMmDTNxgi1O6dnSrbVXb78MtAd_5HpQ2gTzuMRhJ2KBki3jiy2IAEB4t6d9kN7wXpvCy98pG4mxJBAXRLnatmlD_lO_QBpsHX4hXTo/s1600/Screen+Shot+2018-04-06+at+12.07.22+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="266" data-original-width="603" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiRBOPfg2FL-Kaeg_5GH1v62mLid0LPfiXyLri7vMmDTNxgi1O6dnSrbVXb78MtAd_5HpQ2gTzuMRhJ2KBki3jiy2IAEB4t6d9kN7wXpvCy98pG4mxJBAXRLnatmlD_lO_QBpsHX4hXTo/s400/Screen+Shot+2018-04-06+at+12.07.22+PM.png" width="400" /></a></div>
<br />
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
All started as a heads´up about a high priority incident in a sensitive environment. <b>A watchlist that matches an internal private IP against a botnet?.</b> This incident needed confirmation as got escalated with urgency. As its common in this scenario dealing with different stakeholders, the private IP being categorized as botnet was anonymized in order to protect sensitive information, but we need such information in order to further investigate it. To request such information sum up time to the investigation.</div>
<br />
<div style="text-align: justify;">
Once we have the private IP details we can do some cross checks to get the additional context needed in this scenario. The additional cross-checks are to verify which intelligence feed contained the private IP and then to gather the details. After some investigation we were unable to find any correlation, <b>none of the watchlists we do provide</b> (from public and private sources around the world, including product vendors, industry experts, government agencies, professional associations, media, news groups..) <b>contained such info</b>. Next step was to seek the private IP into any public report, cause at this time it was a bit clear which the issue was, and Bingo !! - <a href="https://www.group-ib.com/resources/threat-research/Anunak_APT_against_financial_institutions.pdf">Anunak: APT against financial institutions</a> is a great report released by Group-IB and Fox-IT and contained the private IP address as a C&C IP and without any additional info. This is likely a common mistake about not vetting the information provided by reverse engineers to the intel team responsible to craft up the APT report, then this mistake is chained by Intelligence providers who do not perform any vet into the IOCs they ingest, packed and then sell. It turns out the customer affected was using additional threat intelligence providers, and was one of them who did provide the private IP address as an IOC.</div>
<br />
<div style="text-align: justify;">
Based on <a href="http://www.activeresponse.org/the-cost-of-bad-threat-intelligence/">The cost of bad intelligence</a>: "<i>Security professionals practicing threat intelligence must understand the implications of mistakes and poor analysis. Bad intelligence can and does decrease the security effectiveness of an organization</i>." </div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1876950682046418214.post-2413507362429482272018-02-28T17:36:00.001+01:002018-02-28T17:40:45.046+01:00Invited to talk at the Europol about desenmascara.meThe past week I had the opportunity to participate into the <a href="https://www.europol.europa.eu/activities-services/europol-in-action/operations/operation-in-our-sites-ios">IOS</a> IX Kick-off meeting held in the Europol HQ in The Hague (The Netherlands).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsVaZImUg9a_Xt53grhP5LfyF0f7Pq_btMPWWQN61MiIKnNklCNVhTyfVU9VAajsWmHpgZC5zfK5FftecE3j0r5YPRnNnZwlbaq8bJTQ5UoouAALJzUePe32leZrKRtBqA9VLsjA1-TdY/s1600/image-europol.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="870" data-original-width="1024" height="271" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsVaZImUg9a_Xt53grhP5LfyF0f7Pq_btMPWWQN61MiIKnNklCNVhTyfVU9VAajsWmHpgZC5zfK5FftecE3j0r5YPRnNnZwlbaq8bJTQ5UoouAALJzUePe32leZrKRtBqA9VLsjA1-TdY/s320/image-europol.jpg" width="320" /></a></div>
<br />
<br />
<div style="text-align: justify;">
IOS stands for operation <b>In Our Sites</b> and is a joint global recurrent operation first implemented in 2014 and has since then increased significantly. The eighth edition in 2017 of this global operation saw a big range of anti-counterfeiting associations and brand owner representatives joined law enforcement authorities participating in this huge worldwide action, to facilitate international cooperation and support the countries involved in this initiative. In fact the outcome of the last edition was:<span style="color: #222222;"> </span><span style="background-color: white; color: #222222; font-family: "robotolight" , sans-serif; font-size: 16.440000534057617px;"><a href="https://www.europol.europa.eu/newsroom/news/biggest-hit-against-online-piracy-over-20-520-internet-domain-names-seized-for-selling-counterfeits">The biggest hit against online piracy: over 20520 domains seized for selling counterfeits</a></span></div>
<br />
I had the opportunity to participate in the ninth edition by presenting the online tool http://desenmascara.me as a tool to help:<br />
<br />
<ol>
<li><b>users</b> (as a 1 stop shop where to check whether a website is related with countefeiters or not)</li>
<li><b>brands</b> (by providing the intelligence gathered through users inputs)</li>
<li><b>LAEs</b> (through cooperation with the intel acquired to dismantle organized groups behind this online fraud).</li>
</ol>
<div>
The overall goal was to show the trust to use <a href="http://desenmascara.me/">desenmascara.me</a> tool as an OSINT tool to gather fresh counterfeit-related websites from hundreds of different brands.</div>
<div>
<br /></div>
<div>
I really enjoyed by participating in this kick-off meeting by acquiring new knowledge and making great contacts.</div>
<div>
<br /></div>
<div>
If you have any question regarding the use of <a href="http://desenmascara.me/">desenmascara.me</a> please do not hesitate to drop me an email or send it through the contact form of the website.</div>
<div>
<br /></div>
<div>
Happy only counterfeiting hunting.</div>
<div>
<br /></div>
<div>
<br /></div>
Unknownnoreply@blogger.com0