Contributor: Ayub Khan
Symantec has been constantly monitoring phishing sites hosted on compromised Indian websites. Our 2011 study detailed these compromised sites, and we conducted a similar study of phishing sites in 2012.
From August 2012 to November 2012, 0.11% of all phishing sites were hosted on compromised Indian websites. Phishers continue to target Indian sites across many disciplines to host their phishing sites. These Indian sites were classified in various categories. The most targeted sites were information technology (14.40%), education (11.90%), product sales and services (9.80%), industrial and manufacturing (7.30%), and tourism, travels and transport (5.80%). The figures for secure websites, such as government, telecommunication, and ISP sites, were low and at the bottom of the list. This offers evidence that phishers opt to target more vulnerable websites.
Figure 1. Indian website categories compromised by phishers
It is interesting to note that education was at the top of the most targeted websites in 2011, but fell to second place in 2012. Nonetheless, the education category, which includes schools and colleges across India, continues to be a phisher favorite. The states in India where the education category was most prevalent were Rajasthan, Andhra Pradesh, Delhi, Maharashtra, and Punjab. The top cities were Jaipur, Hyderabad, Delhi, Chandigarh, and Bangalore.
Internet users are advised to follow best practices to avoid phishing attacks:
- Do not click on suspicious links in email messages
- Do not provide any personal information when answering an email
- Do not enter personal information in a pop-up page or screen
- Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
- Frequently update your security software (such as Norton Internet Security 2012), which protects you from online phishing