Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Chinese Phish—You are a Winner!!

Created: 25 Sep 2009 21:17:15 GMT • Updated: 23 Jan 2014 18:32:34 GMT
Mathew Maniyara's picture
0 0 Votes
Login to vote

Symantec has observed that most phishing URLs associated with Chinese brands attempt to trick users by stating that they are winners of a great prize. The fake websites declare that the visitors are winners for reasons such as:

1.    Customers of the brand were chosen for a lucky draw and that the customer won the draw.
2.    The brand wishes to thank the customer for their long time commitment by gifting them prizes.
3.    The customer has triumphed in a gaming site of the brand, attaining the highest score.

The phishing site goes on to state that the customer needs to submit confidential information to receive the prize, either to prove his or her identity or for the transfer of the prize money to the customer’s bank account. The following image is an example of a Chinese phishing page for a gaming website. The page says that the customer needs to enter details to prove his or her identity so as to attain the award-winning gift.

phishing.jpg

Here are some noteworthy statistics for phishing websites associated with Chinese brands in September:

•    There were four Chinese brands observed, comprising 4.6% of total phishing in September.
•    More than 71% of the phishing attacks were generated from automated phishing toolkits.
•    The highest occurrence of TLDs were .cn (47%), .com (39%), and .info (6%).
•    About 27% of the domain names observed were typosquats (domain names that are typo variations of a legitimate brand name).
•    The top countries where the phishing sites were hosted are the USA (64%), China (16%), and Singapore (11%). The top cities are Boulder, Jiujiang, and Singapore. The geo-locations were distributed in and around seven different countries.
•    Over 90% of the domain names used were newly registered. About 7% were based on compromised Web servers and the rest were hosted on free web-hosting sites.

One needs to maintain caution while submitting sensitive information online. It is important to use certain safety measures to avoid phishing. Some best practices advised to be safe from the prey of phishing sites are:

•    Do not click on suspicious links from emails.
•    Check the URL of the website and make sure that it belongs to the brand.
•    Type the domain name of your brand directly in your browser rather than following any link.
•    Frequently update your security software, such as Norton Internet Security 2009, which protects you from online phishing.