Symantec Blogs: Security Response

Suyog Sainkar | November 23rd, 2009

Phishers are constantly targeting newer brands from diverse industries, with the sole motive of fraudulently acquiring a large amount of users’ confidential information for financial gains. Symantec has observed and followed up with some recent trends in phishing attacks targeting some of the popular online gaming websites. Since the beginning of this year there has been a steady rise in phishing attacks on gaming websites.

Why and How?

The primary motive of fraudsters is to seek out users’ confidential information, such as the login details for online gaming websites. The sample shown below is of a typical phishing Web page created by the fraudsters, which mimics a popular online gaming website. To trick users into trusting the phishing website, the phishers add a widget (to monitor online visitors) that will display some random number of purported online users visiting the site at a given time.  
       ...

Suyog Sainkar | August 19th, 2009

The fraudsters are constantly coming up with innovative ways to deceive innocent users of the Internet. Symantec recently observed an increase in phishing attacks facilitated by spam email messages that are targeted towards a popular email client application. The spam message requests the intended victims to re-configure the email client application by clicking on the link provided in the email. The phishing spam messages previously in circulation had a malicious file attached as a setup for the bogus update.


The recent spam email messages, in an attempt to appear legitimate, also provide a contact number for any queries regarding the update:

“If you have received this message in error, please notify us immediately by calling (310) xxx-6428 and destroy the related message.”

The spam emails have bogus...

Suyog Sainkar | June 16th, 2009

The bad guys deserve recognition for being ever mindful of significant events and the recent scheme of phishing attacks doesn’t leave us surprised. Symantec recently observed a fresh round of phishing scams targeting the Australian Taxation Office (ATO) at the closing of the financial year.

The opportunistic scammers are distributing phishing emails that falsely claim to be from the ATO, offering online tax refunds. The email bears the tax office logo and a lure to visit the phishing link for the phony tax refund request:

The scam emails have a From and Subject header such as the following:

From:  Australian Tax Office <admin@ato.gov>
Subject: ATO Notification-...

Suyog Sainkar | June 9th, 2009

Well, it looks like phishers are now focusing their efforts on Facebook. Symantec has observed that a current method of attack sends a message to a victim's Facebook account "Inbox," as well as an email notification with the subject "Hello" or "Hi." The email appears to have come from the victim's friend and includes text asking the user to visit an obscure URL link. Apparently, the link takes the user to a fake login page of the popular Facebook site.

Similar to last week's “.im” and “.at” domains, this time the domains used are of the type “.be”. If you see a similar email or notification, do not click on any such .be, .im, or .at links, or enter your Facebook username and password. Attackers will try to steal your login credentials so that your account can be used to launch future attacks—making you infamous within your Facebook circle of friends for inadvertently sending that message and...