Cybercriminals tap online automated services to check the effectiveness of their frauds

The interesting extension of the world of automated checking into the fraud arena has been made possible, says security researcher Brian Krebs, by the use of pay-for subscription services.

According to Krebs, these automated services test when and whether web reputation programs like Google Safe Browsing and McAfee SiteAdvisor have flagged malicious links.

Writing in his security blog, the former Washington Post IT security writer said that nothing puts a crimp in the traffic to booby-trapped websites than being listed on multiple internet reputation services that collect and publish information on the location of nasty sites.

"People who maintain the bad sites can stay ahead of such services by moving their malware to new domains once the present hosts start showing up on too many blacklists. But constantly checking these lists can be a time-consuming pain", he said.

"Enter sites like crypt-check.com. For a mere 20 cents, subscribers can check to see whether their malicious sites are flagged by any of 18 different blacklists, including Spamhaus, ZeuSTracker, SpamCop, SmartScreen, Norton Safe Web, Phishtank, Malwaredomainlist and MalwareURL", he added.

Krebs likens these automated services to Virustotal, but for bad domains, listing the percentage of blacklists that detect any submitted malware sites.

In a test of the veracity of the automated services, he said he picked on vinni-trinni, mainly because the site was first flagged by Malwaredomainlist and MalwareURL back in March of this year.

"The results were underwhelming: As we can see from the above screen shot, this service detects that three out of 18 blacklists have flagged it as malicious, but the author's own service fails to show listings by either Malwaredomainlist or MalwareURL", he said.

What’s hot on Infosecurity Magazine?