Duplicate sites on the rise, experts warn

SINGAPORE - Duplicate websites set up by online scammers and hoaxers have become so common that security experts are warning Internet users to be on their guard.

They note that it is easy to be caught out: just enter a mistyped URL and you could be directed to a spam page, or worse, a cloned website pretending to be the real deal.

This was what happened last Saturday, when the Ministry of Manpower (MOM) discovered a bogus copy of its website - www.movgov.sg - just two days after it had detected a prior duplicate.

The scam, known as typo-squatting, often affects an organisation where sensitive information is entered online by users.

It has become far more common as it is now easier to copy the look and content of an entire site.

"With the increased availability of tools in the underground, cybercriminals are able to copy entire website templates and content," said IT security firm Trend Micro's country manager for Singapore, Mr David Siah.

"Often the only way to tell if you are visiting a legitimate site comes down to the exact URL string that is in your address bar."

While some typo-squatters may be content with placing ads and making pay-per-click revenue from misspelled Web addresses, more malicious criminals want to mimic the real website's look and feel to trick users into exposing personal data.

The fake MOM website had a page with the Singapore Government logo - a red merlion - that allowed a user to "check" whether a work permit was valid if an NRIC number and accompanying name was entered.

The clone site was still accessible as of last night.

While the people behind these types of scams may be liable for copyright infringement and cheating, the damage to the real organisation that runs the site can be significant.

"When targeted by cybercriminals, the original site owner might face reputational damages, where consumers or their target audiences would be even warier of the site's legitimacy," said Mr Siah.

Users who unwittingly enter sensitive personal information - such as their SingPass - may also put themselves in danger of identity theft and online fraud.

Mr Chai Chin Loon, chief operating officer of IT security firm Assurity Trusted Solutions, told the Straits Times: "Your SingPass gives you access to many e-government services.

"If compromised, this could lead to reputation damage and financial loss."

The MOM said in a post on its Facebook page on Sunday that access to its official website (www.mom.gov.sg) was unaffected and there have been no reports of user data being compromised.

Experts said some signs, such as spelling and grammatical mistakes, pop-up advertisements and dead links are indications that users may be visiting a copied website.

The fake MOM site used a wrongly coloured ministry logo together with the words "Ministry of Workpermit". Many of the links also did not work.

The old adage of being wary of e-mail links to websites requiring sensitive login information - such as for Internet banking - also applies, said Mr Sumit Bansal, director for ASEAN at security software firm Sophos.

"When clicked on, the URL shown in the address bar may look genuine, but there are several ways it can be faked, taking users to a spoof site."

Get a copy of The Straits Times or go to straitstimes.com for more stories.