Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us

    Trend Micro threat analysts come across a huge number of phishing cases that feature nearly identical domain names every day. In a Web reputation manual verification exercise, analysts found that three of the most popular phishing targets to date were Chase, the Internal Revenue Service (IRS), and, just recently, Web hosting sites.

    To launch such an attack, cybercriminals use the phishing URL format cpanel.{attacked_company}.{phishingdomain}/scripts/cpanel-ftp-confirmation.php.

    In this kind of attack, the phishing URL loads a page where users are asked to enter the following information:

    • FTP hostname/address
    • FTP login
    • Password

    Once the users enter the required information, they will receive a confirmation message. They will then be redirected to the legitimate Web hosting site to fool them into thinking that they have not just been phished. Little do they know that their sites have been compromised and may be used by cybercriminals to further their own malicious causes. And worse, if they use the same login credentials (username and password) for other sites (e.g., banking and email), they may have just fallen prey to identity theft.

    Click for larger view Click for larger view

    Phishers who use this technique usually target .uk (United Kingdom) domains .be (Belgium) domains.

    Trend Micro users are protected from this threat via the Smart Protection Network, which detects and consequently blocks user access to all related phishing URLs.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice