Security Response

Syrian Regime’s Opposition Gains Phishers’ Sympathy

Created: 04 Feb 2013 18:27:27 GMT • Updated: 23 Jan 2014 18:09:59 GMT • Translations available: 日本語
Mathew Maniyara

Contributor: Avdhoot Patil

Cybercriminals have recently been focusing on the conflict in Syria, working current events into their cyber warfare. In December 2012, phishers mimicked the website of a well-known organization in the Gulf in order to steal users' email login credentials. The phishing site asked users to support the Syrian opposition by casting their vote against the Syrian regime. The phishing pages were in Arabic and the phishing site was hosted on servers based in Dallas, Texas, United States.

The phishing site asked users if they wanted to criminalize the Syrian regime for the murder of innocent people. As seen in the image below, options were provided to agree or disagree. If the agree option was selected, the phishing site prompted users to select their email service provider from a list of four popular providers, and then to log in to cast their vote.
 

Figure 1. Consent to criminalize Syrian regime
 

Figure 2. Email service provider choice
 

After the login credentials for the chosen email service provider had been entered, the phishing site redirected to an acknowledgement page. The acknowledgement stated that the voting process was successful and that the results would be displayed on January 1, 2013.
 

Figure 3. Vote acknowledgement page
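
The flow described above (pick an email provider, then enter that provider's credentials on the polling site) leaves a checkable trace: a password form that names a webmail brand but submits to a host outside that brand's domains. The Python check below is an added example, not part of the original article; the provider names, domains and sample pages are constructed placeholders, since the article does not name the four providers.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumed brand -> legitimate login domains (placeholders, not from the article).
PROVIDER_DOMAINS = {
    "examplemail": {"examplemail.example"},
    "demopost": {"demopost.example"},
}

class FormScanner(HTMLParser):
    """Record every <form> action and whether the form has a password field."""
    def __init__(self):
        super().__init__()
        self.forms, self._open = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = {"action": a.get("action") or "", "password": False}
            self.forms.append(self._open)
        elif tag == "input" and self._open and (a.get("type") or "").lower() == "password":
            self._open["password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def owned_by(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def assess(page_url, html):
    """List password forms that name a brand but submit to a non-brand host."""
    scanner = FormScanner()
    scanner.feed(html)
    brands = [b for b in PROVIDER_DOMAINS if b in html.lower()]
    findings = []
    for form in scanner.forms:
        # Relative or empty actions resolve against the page's own URL.
        target = urlparse(urljoin(page_url, form["action"])).hostname or ""
        for brand in brands:
            if form["password"] and not owned_by(target, PROVIDER_DOMAINS[brand]):
                findings.append(f"{brand} password form posts to {target}")
    return findings

# Constructed sample pages modelled on the login step described above.
LURE = ('<p>Sign in with ExampleMail to cast your vote</p>'
        '<form action="/vote.php" method="post">'
        '<input name="user"><input type="password" name="pass"></form>')
GENUINE = ('<p>ExampleMail sign in</p>'
           '<form action="https://login.examplemail.example/auth" method="post">'
           '<input name="user"><input type="password" name="pass"></form>')
```

Calling `assess("http://poll-site.example/login.html", LURE)` reports the form, while the same markup served from and posting to the brand's own domain returns an empty list.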
 

Phishers relied on the sentiments of a vast number of people in Syria and the rest of the Arab world who are fighting against the Syrian regime. Phishers believe that targeting a large number of users leads to more duped users. If users fell victim to the phishing site, phishers would have successfully stolen their information for identity theft.

Internet users are advised to follow best practices to avoid phishing attacks:

  • Do not click on suspicious links in email messages
  • Do not provide any personal information when answering an email
  • Do not enter personal information in a pop-up page or screen
  • Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
  • Update your security software (such as Norton Internet Security 2012) frequently, which protects you from online phishing