Contributor: Avdhoot Patil
Phishers have already made their mark in Southeast Asia by targeting Indonesians. For the past couple of years, celebrities have been their key interest in the region. Aura Kasih and Ahmad Dhani are good examples. In March 2013, phishers turned their attention toward Myanmar by incorporating model and actress Wut Hmone Shwe Yee in a phishing site.
The phishing site spoofed a popular social networking site in order to ask for user login credentials. The phishing page was in Burmese. The background image contained a photograph of Yee from her recent modeling photo shoot. The phishing site stated that users can learn more about the model after logging into the social networking site. Phishers even designed the phishing page to include adult content in the hopes of enticing more end users. After login credentials are entered, the phishing site redirected to a legitimate site of Myanmar models. The strategy to redirect users to this legitimate site is to create the illusion of a valid login. This phishing site was hosted using a free webhosting service. If users fell victim to the phishing site, phishers would have successfully stolen their information for identity theft.
Internet users are advised to follow best practices to avoid phishing attacks:
- Do not click on suspicious links in email messages
- Do not provide any personal information when answering an email
- Do not enter personal information in a pop-up page or screen
- Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
- Update your security software (such as Norton Internet Security 2012) frequently which protects you from online phishing