Desenmascara.me

How to verify whether a website is legitimate or not?: desenmascara.me

Thursday, 19 January 2017

Chrome plugin to check whether a website is fake or not

A Chrome plugin to avoid being lured by online counterfeiters.

The plugin has two simple options:

1. When we are visiting a website and we are not sure about its legitimacy, we just click on the plugin icon and then on "Check this page now":


It will take a few seconds, and then a pop-up like the one below will appear with the result, in this case warning us to be careful because the website is related to online counterfeiting:


2. The other option, useful when we do not want to visit a website because it might be dangerous, is to click on the link and go directly to the desenmascara.me website. Then we can type the web address of the website we would like to analyze:

In such a case we will see the information about the website being flagged as FAKE. Then we know it is not safe to browse the website or to purchase any item on it.

In cases where a website has already been analyzed, we will see the information in the pop-up, like below, where you can even click the "review the analysis" link to see the full report:


Do not hesitate to ask me any question regarding the plugin or the results. 

Have a safe online experience!

FACEBOOK does not worry about the online counterfeiting fraud

This recent post made me review the drafts I had on this blog regarding a similar issue, which I am publishing today. With the project http://desenmascara.me I have been investigating online counterfeiting fraud for quite some time. It turns out that Facebook has plenty of advertisements like the one below:


Facebook advertisement


Which leads to the Facebook event below (not active anymore):


In the above event page you can see the website being advertised: hxxp://www.rblovez.pw/
(not active anymore)



Which is clearly a FAKE Ray-Ban website, flagged by desenmascara.me:
http://desenmascara.me/consulta/b0f91cdf147d93f9726e923191b08eb4

and hence by VT:

https://www.virustotal.com/en-gb/url/e651e1c5c9e31be8152b9ef28111f9cf0a4db1473b0f5d1830ba6ef2270449eb/analysis/1457705321/

This FAKE website is clearly a luxury knock-off product site, a dark business which has even more revenue than ransomware and close to well-known malware such as the Zeus banking trojan.




Though it is not a security vulnerability in itself, I reported it to Facebook because it is an abuse of their functionality which might be used to lure their users: anyone can set up an ad, and the target website, which might contain badware or fake content as in this case, would not be "fully verified".


The report was closed with the following feedback:

Hi Emilio,

Thanks for contacting us. Keep in mind that this queue is specifically for security vulnerabilities. Since what you describe doesn't appear to be a security vulnerability, you can provide feedback or suggestions regarding a feature here:

https://www.facebook.com/help/contact/268228883256323

Thanks,

Redacted name
Facebook



It seems that the issue was investigated some years ago by other researchers:




But Facebook still allows such advertisements. Despite all the effort they are putting into fighting FAKE news, it seems they still have plenty of room to improve when it comes to getting rid of advertisements involved in online counterfeiting in their network.

Google does a better job in this matter, but sometimes, as highlighted in the picture below, they have ads related to fake sites as well.