Fake Phishing Webmail Targets Chinese Users


Trying to log in to your Chinese Gmail or Yahoo! webmail? Check carefully…. over the past few days phishers have spread a broad attack trying to entice users to give up their credentials to a fake login page for Google and Yahoo-reminiscent addresses, with a .cn (China) domain. Examples include (and there are dozens of them): m-google.cn, zz-yahoo.cn, gy-yahoo.cn, ab-google.cn, etc.

Of course, most users would notice that the interface appears very different from what they are used to.

Phishing login site:

Legitimate Yahoo! login page:

Legitimate Google Gmail login page (don’t get confused by looking at gmail.cn – that is a different company, not related to Google):

I can only guess what the phishers want these login credentials for; most likely to use the compromised accounts to send more spam, malware or phishing messages. They can also view the email messages of the compromised accounts to see what other things the user is doing, for example where they bank, to attempt to steal even more high-value credentials.

Go back