
A Phishing Scam Linked to “High School Musical”

Updated: 19 Aug 2010
Mathew Maniyara

In August 2010, Symantec observed phishing websites spoofing a social networking brand that was linked to the film “High School Musical.” Typically, phishing sites are created to appear identical to the original website so that end users will find it difficult to distinguish between them. In the past couple of months, some phishing sites that spoofed social networking brands contained Web pages that were a bit different from the original.

So, why are fraudsters creating these phishing pages that aren’t identical to the original? Fraudsters are modifying the phishing site so that the page looks as though the brand was promoting certain ideas. In many instances, the ideas were associated with celebrities, special occasions, pornography, movies, major events, etc. These ideas are incorporated by modifying certain aspects of the phishing site such as the logo of the brand, Web page background, images, and so on.

In this particular phishing site, the fraudster included an image displayed as an advertisement for the social networking brand. The image was a picture of the popular film “High School Musical,” which was produced by the Disney Channel. The phishing page gave the impression that the social networking brand was promoting the television film; this fake endorsement appeared in the login message, which prompted users to sign in to the brand’s High School Musical Web page.

The fraudsters’ motive was to trick customers into thinking that they could view the video or read and discuss more about the film after logging in to the site. Of course, once a user enters login details, the phishers will succeed in stealing the information for malicious purposes.

The phishing sites were hosted on free Web-hosting sites. The phishing URLs indicated that the content was linked to the High School Musical film. Below is an example of one such URL:

hxxp://******/highschoolmusical.htm [Domain name removed]

Internet users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams:
•    Do not click on suspicious links in email messages.
•    Check the URL of the website and make sure that it belongs to the brand.
•    Type the domain name of your brand’s website directly into your browser’s address bar rather than following any link.
•    Frequently update your security software, such as Norton Internet Security 2010, which protects you from online phishing.
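
The URL check from the tips above can be automated in a mail or proxy filter. The following Python sketch is an added example, not code from Symantec or the original post: it restores a defanged URL, tests whether the host really belongs to the brand, and flags off-brand hosts whose URL carries the lure. The brand domain, keyword list, and sample URLs are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumptions (constructed, not from the post): the brand's real domain and
# the lure keywords a filter would watch for.
BRAND_DOMAINS = {"social.example"}
LURE_KEYWORDS = ("highschoolmusical", "social", "login")


def refang(url: str) -> str:
    """Turn a defanged indicator (hxxp://, [.]) back into a parseable URL."""
    url = url.strip().replace("[.]", ".")
    if url.lower().startswith("hxxp"):
        url = "http" + url[4:]
    return url


def belongs_to_brand(host: str, brand_domains=BRAND_DOMAINS) -> bool:
    """True only if host is a brand domain or a true subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in brand_domains)


def assess(url: str) -> str:
    """Classify a URL as 'brand', 'suspicious', 'unrelated' or 'invalid'."""
    try:
        parts = urlsplit(refang(url))
    except ValueError:
        return "invalid"
    # .hostname drops any "user@" prefix, so a brand name placed in the
    # userinfo part cannot pass for the host.
    host = parts.hostname or ""
    if parts.scheme not in ("http", "https") or not host:
        return "invalid"
    if belongs_to_brand(host):
        return "brand"
    # Off-brand host: look for the lure anywhere in host or path.
    haystack = (host + parts.path).lower().replace("-", "").replace("_", "")
    if any(keyword in haystack for keyword in LURE_KEYWORDS):
        return "suspicious"
    return "unrelated"


if __name__ == "__main__":
    for sample in ("hxxp://members.freehost.example/highschoolmusical.htm",
                   "https://www.social.example/login",
                   "https://social.example.freehost.example/"):
        print(sample, "->", assess(sample))
```

The comparison is made on the end of the hostname, so a brand name used as a subdomain of a free-hosting domain is still treated as off-brand.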

-------------------------

Note: My thanks to the co-author of this blog, Ashish Diwakar.