Old Japanese Phishing Attack, New Approach in English

Symantec has recently observed an English phishing email that appears to be an official notification from a credit card company affiliated with a major Japanese bank, claiming that a limitation has been placed on the email recipient’s credit card due to a violation. The recipient is asked to provide information relevant to their account.

Last year we observed a similar phishing attempt that was trying to leverage this bank’s brand. However, that email was in the Japanese language and guided unsuspecting users to a Japanese-language phishing website. This new attack starts with an English email message, but links to a site that is written in Japanese where the recipient is asked to give up personal information such as a credit card number, credit verification value, personal identification number (PIN), and validity time. The spammers address the use of English in the email—excusing themselves for sending a message in English instead of in Japanese—indicating that a large number of their customers are not from Japan.

Sample message:

And, the linked phishing website that appears:

As mentioned in our previous blog post, the ratio of scam messages in Asia/Pacific and Japan is relatively low. However, we continue to advise email users to always be aware and not open any suspicious messages or Web links that come from an unknown source.