Earlier today, we found a phishing site that poses as a donation site to raise money for the victims of the recent earthquake in Japan. The phishing site http://www.japan{BLOCKED}.com is created by using an open-source social networking system Jcow 4.2.1. It is hosted on the IP address 50.61.{BLOCKED}.{BLOCKED}, which is located in the United States. We’ve confirmed that the site is still active as of this writing.
Aside from hosting a phishing site, the cybercriminals behind this attack also abused the blog function of the website and inserted advertisement-looking posts, possibly to increase the site’s SEO ranking.
Such attacks are not uncommon as we’ve previously documented instances of attacks that leveraged natural disasters such as Hurricane Katrina in 2005, Hurricane Gustav in 2008, Chinese Sichuan earthquake in 2008, the latest attack used the Haiti earthquake in 2010.
Users should remember to choose trustworthy organizations when it comes to handing over their donations.
The Trend Micro™ Smart Protection Network™, through the Web reputation technology already blocks access to this phishing site even if a user is duped into clicking its link.
Post from: TrendLabs | Malware Blog – by Trend Micro
Phishing Attack Uses Fake Donation Website
Related Posts
- Phishing Attack Offering Fake Premier League Tickets
After executing a variety of notorious activities targeting the FIFA World Cup, spammers have shifted their focus slightly to target another popular soccer/football topic. Symantec has observed a spam... - Randomization of code and binaries used by a fake antivirus website
Last week, I talked about heavy obfuscation being used by attackers to hide their HTML source code from detection. This time we came across an interesting fake antivirus website, which not only contin... - Fake HMRC website offers bank refunds
A friend sent me this link, which is an interesting spin on the old "HMRC tax refund" scam - a fake HMRC claiming your bank wants to issue a refund instead.
Click to Enlarge
As you can see below, ... - New fake AV page uses Firefox internals
Most Fake AV pages mimic a Windows Desktop application running. In addition, the Fake AV pages have generally been the same regardless of which browser they are viewed. I recently found a new type o... - Phishing Attack on PayPal Italy
We are monitoring a phishing attack directed toward the customers of PayPal Italy. The email is very long and explains the reader why is it important to click on that link and to answer to the survey.... - Cartasi Italy under heavy phishing attack
We are currently observing an attack with different phishing emails and websites, targeting the customers of the Italian bank Cartasi.
We have spotted 4 different phishing attacks, 3 of them using t... - Inside a phishing attack: 35 credit cards in 5 hours
Phishing attacks have grown steadily in recent years, becoming a highly profitable attack for cyber criminals. In ESET Latin America’s Laboratory, we are used to finding and informing about phi... - Fake McDonald’s Survey is Phishing Scam
Appriver has uncovered a tasty new "Fillet O' Phish": A survey scam purporting to be from "McDonald's Consulting."
The scam tries to get your personal information, including credit card acc... - Australian job hunters offered money laundering jobs via fake seek.com.au website
Today, SophosLabs witnessed a new job spam campaign targeting Australians.
The email message claims to provide part-time jobs with excellent pay. The interesting part of this spam campaign is that th... - Fake White House holiday e-mail is cyber attack
WASHINGTON (AP) — It looked like an innocent e-mail Christmas card from the White House.
But the holiday greeting that surfaced just before...
Full story: Computer Crime Research News...
Posted on 16 March 2011. Tags: Attack, donation, Fake, Phishing, uses, Website
The above information is reprinted from and copyrighted © by Trend Micro.
