Recently, according to a chart of the distribution of the number of reports handled in October obtained from the Anti-Phishing Website Alliance of China, the top three alliance members in terms of number of phishing websites handled were Taobao, Industrial and Commercial Bank of China (ICBC), and Galaxy Securities. By the end of October, the Anti-Phishing Website Alliance of China had cumulatively identified and handled 28,368 phishing websites. In October alone, 2,763 phishing websites were handled, which is an 85% increase compared to 1,495 in October 2009.
Relevant responsible persons indicated that e-commerce remains the hardest-hit area by phishing websites, and the risk of phishing for group-buying websites, discount websites, and other hot websites is continuously increasing. Therefore, it is recommended that internet users prioritize choosing discount websites and group-buying websites that have implemented "trusted website" verification when shopping online or participating in group-buying, to avoid falling into phishing scams.
The prevalence of network phishing
Yesterday, Miss Zhang, a citizen, informed us that due to the recent surge in prices and the approach of the year-end festivals, various discount websites on the internet have started numerous year-end promotional activities. A few days ago, she found a dress online; other stores priced it at over 500 yuan, with the lowest being over 400 yuan. However, one discount store offered the same style and quality for just over 200 yuan. The seller was very accommodating, and the price negotiation went smoothly. But when it came time to pay, the seller sent her a link via QQ, claiming that the transaction had to be made through this link. Miss Zhang felt something was off and refused.
Ms. Zhao, who lives in Fengtai District, Beijing, encountered an even stranger phishing scam. "A few days ago, I received an email from 'QQ Security Center,'" Ms. Zhao said. "There was nothing wrong with the sender's address, and the content of the email was also formal. It urged me to log in to the link provided in the email to obtain permanent protection permissions from the 'QQ Security Center.'" After Ms. Zhao clicked on the link, she discovered that not only was her QQ account not protected, but her account was also stolen.
Impersonating official websites and luring users to click on phishing websites under the guise of a security center, cybercriminals are going to great lengths in spreading phishing websites. From a social engineering perspective, so-called "network phishing" refers to a new type of crime that combines fraudulent psychology with computer technology. Cybercriminals use various means to mimic the web addresses and page content of real websites to defraud users of their bank or credit card account numbers, passwords, and other personal information.
Relevant individuals stated that although the efforts to combat phishing websites are continuously intensifying, cybercriminals' enthusiasm for creating e-commerce-related phishing websites remains undiminished, gradually forming a complete industrial chain. From impersonation targets, design and production to the launch of phishing websites, there is clear division of labor, short cycles, and relatively high success rates in phishing.
Phishing websites tend to cluster around popular topics
The consumption trends of internet users serve as the guide for cybercriminals to create imitation phishing websites, resulting in significant clustering effects in network phishing. Internet users should enhance their awareness of prevention.
At the end of the year, with frequent holidays, the willingness and frequency of people traveling and shopping will drastically increase. Travel ticketing websites and some group-buying and discount websites immediately become the new favorites for cybercriminals to create phishing websites. Currently, online shopping is exceptionally popular, and various group-buying and discount websites are emerging like mushrooms after rain. Since many group-buying websites mostly adopt prepayment settlement forms, group-buying users cannot choose cash-on-delivery options. For this reason, relevant responsible persons from the Secretariat of the Alliance specifically pointed out that the risk of phishing for group-buying websites is much higher than for other websites. Internet users can easily fall into the trap of online phishing scams.
Therefore, when internet users shop online, participate in group-buying, or book tickets online, they should prioritize choosing e-commerce, group-buying, or travel ticketing websites that have implemented "trusted website" verification. Before making payments, they should try to verify the authenticity of the website. If the "trusted website" verification logo cannot be opened or if there is a page error, then extra caution should be exercised to avoid falling into the trap of phishing scams.
Publicity Department of Xiangke China Information Department
Previous article: IT service industry expected to grow at double-digit speed in the next 5 to 10 years
Next article: None