Fraudsters Running a Classified Ad Campaign
- Tuesday, March 16, 2010, 15:29
- Threat Research
Symantec has recently observed a trend of phishing sites targeting brands that feature online classifieds. The legitimate classifieds brands help customers seek and exchange information in various categories such as employment, real estate, automotive, matrimonial, and so on. These brands are typically free of cost: they only require users to open a free account, and they do not involve any form of monetary transaction. So why are fraudsters attacking these brands when there is no financial transaction taking place?
After stealing the user’s login information, the attacker looks at the list of the user’s postings. By studying the categories of advertisements the user has been through, the attacker can send targeted phishing emails. This is all possible because the stolen login information consists of both the user’s email ID and password, rather than just a unique user ID.
The phishing emails are sent with several subjects; for example, that the organization wants to confirm the user’s identity in order to place a customer’s order, or to transfer funds to make a purchase, and so on. To better target their attacks on customers, fraudsters are taking advantage of the fact that online classified advertisements often have too many categories to choose from. Also, these brands deal with millions of customers and have billions of page visits a month, all of which provides attackers with a large pool