On March 11, 2011, Japan faced its worst nightmare when a massive earthquake struck with a magnitude of 9.0. Nations all over the world are giving their support through aid to Japan. On the other hand, phishers are trying to take advantage of this situation to steal and exploit well meaning donors.
Symantec observed a phishing site that spoofed a popular payment gateway requesting a donation for Japan’s earthquake victims. Phishers paid attention to every minute detail to make the page look like the legitimate brand’s Web site. On the top left corner of the page, phishers used the logo of the American Red Cross, a humanitarian organization, to make it appear that the donation would be sent to them! A donation summary was highlighted towards the left of the phishing page that displayed an amount of one euro. A hyperlink, “Donation for Japan earthquake victims”, was provided with the donation summary which redirected back to the same phishing page. Phishers fixed the considerably small amount of one euro in the hopes that users would be willing to pay the amount without hesitation.
There were two options of payment that users were required to select from. The first option was for customers of the brand, prompting them to pay from their account with the brand. The second option was to provide credit or debit card details. The card details asked for included card type, user name, date of birth, social security number, mother’s maiden name, postal address, telephone number, and email address. After the required information was entered, the phishing site displayed a “Thank you” message. The phishing site was hosted on servers based in Torrance, USA. Phishers have been devising strategies by which they can steal user’s confidential information for financial gain; fake donations, as this one, have been common bait.
Internet users are advised to follow best practices to avoid phishing attacks:
• Do not click on suspicious links in email messages.
• Avoid providing any personal information when answering an email.
• Never enter personal information in a pop-up screen.
• Frequently update your security software, such as Norton Internet Security 2011, which protects you from online phishing.