Celebrities are frequently featured in phishing sites. Now, phishers have taken an interest in targeting French users by using teenage celebrities as bait. Some of the celebrities recently used as bait were the singers Jojo, Justin Bieber, and Zac Efron. The phishing sites were hosted on free Web hosting sites.
In the first example, the phishing site spoofed the login page of an email service of a popular information services brand. The phishing page contained an image of Jojo and the contents of the page were altered to promote the singer. The legitimate brand does not promote any celebrities, but phishers modified the contents of the page to entice users. Phishers believe that by using popular celebrities they can gain a larger audience, which increases their chances of harvesting user credentials. After the login credentials have been entered, users are redirected to the legitimate website.
Other phishing sites, spoofing a social networking site, featured Zac Efron and Justin Bieber. In this case, after the login credentials have been entered, users are redirected to the singer's community page to create the illusion of a valid login. If users fall victim to the phishing site by entering their login credentials, phishers have successfully stolen their confidential information for identity theft purposes.
Internet users are advised to follow best practices to avoid phishing attacks:
- Do not click on suspicious links in email messages
- Do not provide any personal information when answering an email
- Do not enter personal information in a pop-up page or screen
- Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
- Update your security software (such as Norton Internet Security 2012) frequently which protects you from online phishing