Bookmakers invade city hall websites in search of ‘showcase’ on the internet

[ad_1]

Websites with addresses ending in ‘gov.br’ have been used to promote gambling pages. In many cases, tampered links are displayed among the first search results. City hall websites are used to improperly promote betting house websites Reproduction Websites with addresses ending in “gov.br” are exclusively used to convey relevant information from government organizations. But they have also been misused to promote bookmakers. A quick search on topics such as “tiger game”, investigated by an alleged pyramid scheme, is enough to find online casino content hosted on websites of city halls and other public bodies. Anyone who clicks on the link is taken to the public body’s website and then redirected to a betting site. The pages state that users are entitled to bonuses for betting on little-known houses. There is no survey of how many bodies are affected by this practice, but g1 identified several adulterated links displayed among the first results of Google and Bing search engines. See an example below and others at the end of the report. Google search for ‘tiger game’ leads users to a corrupted page on the Contagem (MG) city hall website Reproduction How does the invasion of websites happen? The attack takes place through “defacement”, a technique that searches for loopholes in internet servers to tamper with website content. The method can be used for various purposes, such as spreading malicious files and protest messages on third-party websites. In this case, the objective is advertising: the adulteration serves to take the user to bookmaker pages. Even without access to passwords, cybercriminals can still change the content of pages by exploiting flaws in the internet server or website software, for example. This is what the technology director of telecommunications company Sage Networks, Thiago Ayub, explains. “In the face of this type of incident, changing passwords is not an effective remedy. It is quite common for it to have been dismissed in this action of defacing the website. The vulnerability, if not found and corrected, will allow new defacements”, says Ayub. How to protect yourself from scams with fake apps and websites Is clicking on fake links in the search dangerous? No. As the objective is advertising, bookmaker websites do not usually pose risks just by being accessed. But it is important to avoid clicking on links and entering personal data on these pages. “The risk lies in the act of clicking on malicious advertising and interacting with it in any way, whether making a purchase, placing a bet or downloading a file from it. The mere act of appearing on the screen in itself is not a relevant risk”, says Ayub. The recommendation is to always pay attention to the website you are clicking on in the search engine. In this case, the ideal is to ask yourself whether the website of a city hall, a public agency or another government body would have to publish content on the subject you researched. Flaws like this draw attention to the fact that unmaintained sites become vulnerable, says Ayub. For him, it is common to think that websites do not need corrections after they are developed. “But websites may require even more maintenance than a fleet of cars. A lightly used car requires little maintenance. But a website, regardless of its use or popularity, is a gateway to security incidents like these,” he says. CLOTHING EVALUATOR: Shein warns of scam on website promoted by influencers What do search engines say? Google told g1 that it does not comment on actions taken against specific websites or URLs, but that it takes appropriate measures when identifying violations of its spam policies. According to the company, its protection systems block 40 billion spam pages daily. Read the full note from Google: “Our advanced spam-fighting systems allow us to keep Search 99% spam-free. We are continually improving these systems to combat the growing volume of content containing this type of threat, including hacked spam that can appear when there are vulnerabilities in a website’s security. We also work to notify websites when our systems detect that they may have been hacked and provide tips to help owners ensure and improve the security of their pages.” g1 contacted Bing, but had no response until the publication of this report. MORE most powerful in the world Search on Google for terms related to betting leads to adulterated links from agencies in cities such as Pouso Alegre (MG), Bugre (MG), Americana (SP) and Santa Maria (RS) Reproduction Search on Bing displays adulterated link on website of the Chamber of Santa Bárbara d’Oeste (SP) Reproduction) Google search for ‘tiger game’ leads to the website of a government agency Reproduction Bing search displays adulterated links to public agencies Reproduction How to report posts on social media How to report posts on Instagram, TikTok and Kwai and other social networks

[ad_2]

Source link