Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with phishing
Showing posts in English
Fake Survey Seeking Opinions on Social Networking Features
Samir_Patil | 27 Aug 2010 20:40:47 GMT | 0 comments

Symantec has observed a new spam tactic being used in which fake surveys are seeking users' opinions or views on features provided by their social networking site. The sample shown below is one such spam email targeting Facebook:

Various “Subject” lines of this spam are as follows:

Subject: Take our online survey and receive a new gaming unit!
Subject: Take our social networking survey and get a gift card!
Subject: Give your opinion on social networks and choose your prize!
Subject: Receive a hot new MP#3 player for your opinions!

Upon clicking the link provided in the message, the user is redirected to a fake survey page where the user has to answer questions related to features provided by social networking site. Upon completion of survey, the users are promised exciting gifts.

Spammers are trying to demonstrate the legitimacy of...

Read more
Phishers Target Automotive Sales Brands
Mathew Maniyara | 19 Aug 2010 13:58:22 GMT | 0 comments

In the past couple of months, Symantec has observed phishing attacks on legitimate automotive sales brands that are based in the UK and the USA. These brands help customers to sell new and used vehicles such as cars, motorbikes, etc. The legitimate websites also provide customers with the facility to advertise the vehicles they wish to sell.

There were several phishing sites created to harvest customers’ confidential information. The phishing sites were hosted on free Web hosting domains. In one of the phishing sites the page stated that the brand was offering customers the opportunity to advertise for free. The customer was required to complete an identity verification (that was fake) so as to avail of the free offer. The verification process prompted for the customer’s email address, the ad’s ID, and a security question with its answer. In this attack the fraudsters attempted to convince customers that the phishing page was authentic by providing the...

Read more
Phishing Courier Service Brands
Mathew Maniyara | 16 Aug 2010 18:34:36 GMT | 0 comments

Symantec has recently observed phishing websites spoofing courier service brands. There were primarily three brands targeted and fraudsters were attempting to steal customers’ login credentials.

So what’s in the login credentials of courier service brands that fraudsters can take advantage of? Couriers provide their customer with several online features upon registering with the brand’s legitimate website. The features help customers to track their shipments, make online payments for their orders, specify the address for delivery, and so on. If login credentials are stolen, fraudsters can benefit from these features because it may enable them to reroute valuable packages to any address they provide.

In one of the phishing sites, the page prompted the customer to update user details, purportedly because "the account had not been updated for a considerable time."...

Read more
A Phishing Scam Linked to “High School Musical”
Mathew Maniyara | 09 Aug 2010 21:30:36 GMT | 0 comments

In August 2010, Symantec observed phishing websites spoofing a social networking brand that was linked to the film “High School Musical.” Typically, phishing sites are created to appear identical to the original website so that end users will find it difficult to distinguish between them. In the past couple of months, some phishing sites that spoofed social networking brands contained Web pages that were a bit different from the original.

So, why are fraudsters creating these phishing pages that aren’t identical to the original? Fraudsters are modifying the phishing site so that the page looks as though the brand was promoting certain ideas. In many instances, the ideas were associated with celebrities, special occasions, pornography, movies, major events, etc. These ideas are incorporated by modifying certain aspects of the phishing site such as the logo of the brand, Web page background, images, and so on.

In this particular phishing site the...

Read more
Fraudsters Provide False Security for Facebook Users
Mathew Maniyara | 09 Aug 2010 21:10:48 GMT | 0 comments

In August 2010, Symantec observed a phishing website that targeted Facebook login credentials, which claimed to provide security to Facebook users. The page was not imitating the legitimate Facebook website, but appeared to be an alternate website that provided this facility. The phishing site was titled as a “Security and Privacy Update” website. The page stated that Facebook users were vulnerable to threats such as spam messages or hackers that could cause problems with their user profiles. The page further stated that if users confirmed their identity by providing login details, then they would be safe from such threats. On the contrary, if a user gave up their login details to the phishing site, the fraudsters would have succeeded and could steal the details for use in future attacks.

A free Web hosting site hosted the phishing site. The words used in the phishing URL gave the...

Read more
Phishers On a Live Chat?
Mathew Maniyara | 09 Aug 2010 19:18:36 GMT | 0 comments

Symantec recently observed a phishing website spoofing an e-commerce brand’s live support website. Many legitimate brands make use of this facility, in which customers interact with support representatives by chatting online to resolve any issues with the brand’s products or services.

Fraudsters are always looking for new techniques to use in the hunt for users’ information. In many cases, phishing websites that target customers’ login credentials are created by spoofing the login page of the legitimate brand. In this latest case, the phishing site in question is targeting the same types of credentials by spoofing the brand’s live support website. The phishing site involved bogus chat sessions to help the page look more authentic, trying to give customers the impression that the phishing website was interactive.

The phishing page asked for the customer’s...

Read more
Phishing Attacks on Indian Banks on the Rise
Mathew Maniyara | 05 Aug 2010 21:21:48 GMT | 0 comments

July 2010 was the month for phishing attacks on Indian banks. A three percent increase in phishing attacks on Indian banks from the previous month has been observed. In particular, Symantec has observed phishing websites that spoofed the Oriental Bank of Commerce—several phishing URLs spoofing the bank were reported in the month of July. In fact, the bank was one of most targeted Indian banking brands during the month.

The phishing site that spoofed the login page of the bank asks for confidential information, such as the customer’s e-mail ID and transaction password. The fraudster’s motive of stealing the login credentials was financial gain. A free webhosting site hosted the phish site. It is quite evident that fraudsters are targeting Internet banking users by increasingly creating more phishing sites and spoofing as many popular Indian brands as possible.

 

...

Read more
Phishers Target Mobile Service Providers
Mathew Maniyara | 03 Aug 2010 19:46:04 GMT | 0 comments

In July 2010, Symantec observed phishing sites that spoofed the legitimate brands of mobile service providers. (The legit brands are based in the UK and Norway.) Fraudsters are always looking for new techniques with which they can steal customers’ sensitive information for financial gain. With these particular phishing sites, phishers were attacking the telecommunications industry to access customers’ bank accounts.

The phishing sites were circulated by means of spam email messages. Various subject lines were used in an attempt to lure customers—most of the subject lines were related to the customers’ mobile billing statements. In this example, the phishing site stated that the customer had to confirm his or her billing information due to a recent change in contact details. Upon entering the login credentials, the page asks for sensitive information, including contact...

Read more
Phishing Site Uses Katrina Kaif as Bait
Mathew Maniyara | 29 Jul 2010 19:00:28 GMT | 0 comments

In the past couple of months, pornography has been used as bait in several phishing websites. In particular, phishers used fake images of the Indian film star Katrina Kaif on a phishing site that spoofed a social networking brand. The images were modified to increase their pornographic appeal.

Katrina Kaif is one of the most popular actresses in Indian cinema today. Recently, the actress has been in the news because of the circulation of a fake adult video on the Internet. The video, claiming to be of the actress, actually features a look-a-like. The title of the phishing site displayed “Katrina Kaif’s XXX Tape,” giving the impression that the video in question was available for viewing. The scam attempts to dupe users into thinking that they can view or download the (bogus) video if they enter their login details for the legitimate social networking site. Of course, once a user enters login details, the phishers will have succeeded in harvesting them for...

Read more
After Football, Scammers Pursue the Cricket World Cup
Mathew Maniyara | 28 Jul 2010 09:45:19 GMT | 0 comments

The ICC 2011 Cricket World Cup begins on February 17, 2011, and phishing sites promoting the tournament have already been observed:

One of the phishing sites spoofs a popular social networking site and has a logo of the brand containing some artwork. It is interesting to note that the artwork has a sketch of the Arc de Triomphe in Paris. The fraudster probably intended to represent the Gateway of India in Mumbai, since the cricket finals will be held there. When the logo is clicked, information related to the event is displayed. Below the logo are icons for the sponsors and sports channels in India that will broadcast the tournament. The schedule of the matches has been finalized and tickets have been available for sale since June 1, 2010. The phishing site claims that users can get tickets to the matches by entering their login credentials. If the fraudsters are successful with the lure, users...

Read more