Kaspersky Unveils New Tool to Flag 'Undefined Trust' Websites as Global Scams Surge

By

Breaking News: Kaspersky Launches 'Undefined Trust Level' Filter to Combat Deceptive Online Traps

January 26, 2026 — Cybersecurity giant Kaspersky has introduced a new web filtering category called "Sites with an undefined trust level" across its security products, including Kaspersky Premium and mobile apps for Android and iOS. The move comes in response to a rising tide of websites that manipulate users into transferring money for fake services, signing up for hidden subscriptions, or revealing personal data under the guise of legitimate operations.

"These sites exist in a legal gray area," said Elena Kovaleva, senior cybersecurity analyst at Kaspersky. "They aren't outright phishing, but their terms of service are crafted like traps — with no-refund policies and automatic renewals that are nearly impossible to cancel." The new category automatically detects suspicious resources by analyzing domain age, IP reputation, DNS configuration, HTTP security headers, and SSL certificates.

Background: The Gray Zone of Online Scams

Unlike phishing sites that steal login credentials directly, "undefined trust" websites rely on psychological manipulation. They include fake online stores, dubious crypto exchanges, investment platforms, and services with paid subscriptions that trick victims into willingly paying for non-existent goods. According to Kaspersky, such sites often use cleverly worded Terms of Service as a legal loophole.

"The victim thinks they are making a legitimate purchase or investment, but they end up with nothing or locked into a recurring payment," Kovaleva explained. The detection system runs automatically in the background, flagging resources that display multiple risk indicators — such as strange domain names with numbers or random characters, cheap top-level domains like .xyz, .top, or .shop, and domains registered less than six months ago according to WHOIS data.

Global Threat Landscape: Fake Extensions and Regional Scams Dominate

Kaspersky's data for January 2026 reveals that the most widespread global threat is fake browser extensions mimicking security products, detected in 9 out of 10 regions analyzed worldwide. These extensions intercept browser data, track user activity, hijack search queries, and inject ads. "They look like legitimate antivirus tools but steal everything," Kovaleva warned.

Regional statistics paint a more specific picture: In Africa, over 90% of the top 10 suspicious websites are online trading scam platforms. In Latin America, fake betting services predominate. Russia sees a surge in fake binary options brokers and "educational platforms" with fraudulent subscriptions. The Commonwealth of Independent States (CIS) countries face crypto scams and bots designed to inflate social media engagement.

Key Red Flags to Watch For

Kaspersky advises users to check for these common indicators before engaging with any unknown site:

• Unusual domain names containing numbers or random character strings
• Cheap TLDs such as .xyz, .top, or .shop
• Recently registered domains (less than six months old)
• Unrealistic promises like "100% guaranteed income" or "up to 300% profit"
• Lack of company contact information (no physical address, phone, or email)
• Payment methods limited to cryptocurrency or irreversible bank transfers

"If a site screams 'too good to be true,' it almost always is," Kovaleva said. The new Kaspersky filter automatically flags such resources and blocks access, but users should remain vigilant.

What This Means for Users and the Industry

The introduction of the "undefined trust level" category marks a significant shift in how cybersecurity products classify threats. Previously, filters only distinguished between safe and dangerous (phishing/malware) sites. This new category fills a gap, addressing the growing number of borderline websites that exploit legal loopholes.

"Users no longer have to navigate the gray zone alone," said Kovaleva. "Our system does the heavy lifting, analyzing dozens of risk factors in real time." The move is expected to push the industry toward more nuanced threat detection, potentially influencing other security vendors to adopt similar categories. For consumers, the key takeaway is to rely on updated security tools and remain skeptical of any offer that pressures quick action or demands irreversible payments.

— Breaking news from Kaspersky Lab, reporting cybersecurity threats globally.

Related Articles

• Crackdown on €50M Crypto Scam: Austrian, Albanian Police Arrest Key Suspects
• Apple's AI Revolution: A Step-by-Step Blueprint for WWDC 2026
• Crypto Market Surges Past $3.22 Trillion: XRP Leads, Japan Embraces Digital Assets
• How to Prevent Data Fragmentation: A Guide to Categorical Normalization and Metric Validation
• Deploy Your App from Scratch: How AI Agents Can Set Up Cloudflare Accounts, Buy Domains, and Go Live
• April 2024: DeFi Hack Incidents Hit All-Time High with $635M Lost
• docs.rs to Slash Default Build Targets: Major Change Coming May 1, 2026
• Record Preschool Funding Across States Raises Alarm Over Quality Gaps