The Trend Micro Content Security team has discovered a phishing attack targeting users of the German-owned file-hosting website, RapidShare.
Aside from their free hosting service, the website also offers a benefit for premium members who opt to pay a certain fee through PayPal, or by means of RapidShare authorized resellers. This nuance was not lost on unscrupulous phishers, who recently began to to aim for compromising user credentials through a spoofed RapidShare login page.
Figure 1. RapidShare phishing page
In the spoofed web page, phishers attempt to confuse their victims just enough to entice them to enter their login name and password.
In acquiring a victim’s RapidShare credentials, phishers will then be able to enjoy the same privileges as a premium RapidShare user — faster downloads, and downloading multiple files at the same time. Money really isn’t the only driving force for cyber criminals to steal credentials these days — they also attempt to leverage any means to further their crimes.
Premium users of RapidShare, who are also Trend Micro customers, are safe from possible information theft in terms of this attack — the Trend Micro Smart Protection Network already blocks the phishing page.