Symantec has observed a sudden rise in phishing on Indian brands recently. The number of phishing URLs on Indian brands in the first two weeks of August was nearly 2% of all phishing attacks. In the past, the usual average was typically 0.5%. This means that the rise has grown four fold in just two weeks.
The geo-location of each phishing site was examined and it was observed that none were in India. But, it is likely that at least some of the phishers involved are in India since the confidential data stolen can be used for specific Indian needs. For instance, there are several websites dedicated to the purchasing of Indian goods and articles, which accept net banking payments only from a given list of Indian bank accounts. Hence, the attackers may be employing every means of masking their location by creating their website elsewhere and not on Indian servers.
There were five brands targeted that were all in the banking sector for the given time period. Among these five brands, 83% of the attacks targeted just one brand.
The following are some of the noteworthy statistics with respect to the phishing sites on Indian brands:
• The majority of the sites were hosted in the USA and South Korea; about 56% of the sites were hosted on US-based servers and about 13% in South Korea.
• The top cities hosting the sites were Houston, Chicago, Las Vegas, Seoul, and Atlanta.
• The highest occurrence of country code TLDs was Korean.
• Among the URLs examined, six were hosted on free Web hosting sites.
One needs to maintain caution while banking online. It is important to use certain safety measures to avoid phishing. Some best practices advice to be safe from falling prey to phishing sites are:
• Do not click on suspicious links from emails. No bank will ask for confidential information via an email.
• Check the URL of the website and make sure that it belongs to your bank.
• Type the name of your bank directly in your browser rather than following any link.
• Frequently update your security software, such as Norton Internet Security 2009, which protects you from online phishing.