Phishing Attack Uses Fake Donation Website
Earlier today, we found a phishing site that poses as a donation site to raise money for the victims of the recent earthquake in Japan. The phishing site http://www.japan{BLOCKED}.com is created by using an open-source social networking system Jcow 4.2.1. It is hosted on the IP address 50.61.{BLOCKED}.{BLOCKED}, which is located in the United States. We’ve confirmed that the site is still active as of this writing.
 |
 |
Aside from hosting a phishing site, the cybercriminals behind this attack also abused the blog function of the website and inserted advertisement-looking posts, possibly to increase the site’s SEO ranking.
 |
Such attacks are not uncommon as we’ve previously documented instances of attacks that leveraged natural disasters such as Hurricane Katrina in 2005, Hurricane Gustav in 2008, Chinese Sichuan earthquake in 2008, the latest attack used the Haiti earthquake in 2010.
Users should remember to choose trustworthy organizations when it comes to handing over their donations.
The Trend Micro™ Smart Protection Network™, through the Web reputation technology already blocks access to this phishing site even if a user is duped into clicking its link.
 |
Post from: TrendLabs | Malware Blog – by Trend Micro
Phishing Attack Uses Fake Donation Website
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- SEC may ask for more information after cyberattacks
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet