There are several special occasions throughout the year that help to deliver a sense of solidarity and unity among people. Social networking sites have gained popularity by linking people together from different geographic locations; hence, social networking sites promote special occasions because they encourage users to greet one another. In the last couple of months, Symantec has observed phishing websites spoofing Google’s social networking site Orkut. The phishing websites are trying to take advantage of the celebration of special occasions. Keep in mind that these phishing sites do not represent any security issues or failings in the legitimate Google or Orkut sites; phishing sites are created with the purpose of tricking users into giving up personal, secure information.
Legitimate social networking websites promote festivals or special occasions by changing their logo appropriately to reflect the prevailing trend. For example, Google celebrated Earth Day by posting their special Earth Day doodle as a logo for Orkut.
The phishing websites we observed had spoofed the brand’s logo during occasions such as Earth Day, Mother’s Day, and Brazil’s carnival celebrations. Phishers are mimicking the logo displayed by the legitimate brand during the current day to help the fraudulent sites to look authentic. This way, phishers may be able to convince users that they are on a secure site, even when they have doubts about the phishing URL. The primary motive of the fraudulent sites is to seek users’ credentials. On average the phishing URLs were found to be active for no more than 54 hours. Many of the observed phishing websites were in Brazilian Portuguese, since the Orkut social networking site is most prevalent in Brazil. The phishing pages were created using free Web hosting sites.
Below are the screenshots of the phishing Web pages that spoofed Orkut while promoting Earth Day, as well as Mother’s Day and the Brazil carnival celebrations, respectively:
Earth Day
Mother’s Day
Brazil Carnival Celebrations
Internet users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams:
• Do not click on suspicious links in email messages.
• Check the URL of the website and make sure that it belongs to the brand.
• Phisihing websites are not new; however, they are becoming more sophisticated and harder to distinguish from legitimate brand websites. Be as vigilant as possible when visiting a website and try not to fall for scams. Remember, if it's too good to be true it probably is.
• Type the domain name of your brand’s website directly into your browser’s address bar rather than following any link.
• Frequently update your security software, such as Norton Internet Security 2010, which protects you from online phishing.
Update: We have been in contact with Google regarding this latest phishing scam. Please take a moment to read Google's own blogs on how to avoid becoming a victim of phishing,
here and
here.