Bogus Asian Chat App Steals Login Information

Contributor: Avdhoot Patil

New methods to entice victims into handing over their personal information are always being devised by the people behind phishing websites and the use of fake social networking applications is always popular.

During the past month, phishing on social media sites consisted of 8.6 percent of all phishing activity. Among the phishing sites targeting social media, 0.8 percent consisted of fake applications offering features such as free cell phone airtime, adult videos, video chatting, adult chatting, etc.

In March 2013, phishers used a fake Asian chat application on a phishing site hosted on a free web hosting site.


Figure 1. Phishing page spoofing a social networking site

The phishing site spoofs a popular social networking site and is titled “Pakistani chat room - Pakistani girls & boys chatting room”. On the right hand side of the page are poorly worded instructions on how to join the chat room. According to the instructions, after the user enters their login information they can chat with Pakistani and Indian girls for free. The page also boasts about a feature that helps users to find and chat with friends locally and worldwide. In reality, the next page of the phishing site is a fake chat page for Asian groups including Pakistani, Indian, and Arab.

Redirecting users to a fake site containing the previously offered application is a common strategy used in phishing attacks to avoid suspicion. This particular fake site has wallpapers of Indian film actresses and links to fake chat rooms. If users take the bait, the attackers would have successfully stolen their login information.


Figure 2. Fake chat site that user is redirected to after entering their details

Users are advised to follow best practices to avoid phishing attacks:

  • Do not click on suspicious links in email messages
  • Do not provide any personal information when answering an email
  • Do not enter personal information in a pop-up page or screen
  • Ensure the website is encrypted with an SSL certificate by looking for the padlock, ‘https’, or the green address bar when entering personal or financial information
  • Update your security software (such as Norton Internet Security which protects you from online phishing) frequently