Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security

February 21st, 2011, 15:58 GMT · By

Phishing Campaign Targets South Africa's Largest Online Auction Site

SHARE:

Adjust text size:


Bidorbuy users targeted by phishers
Enlarge picture
Security researchers from Sophos warn of a phishing campaign targeting users of Bidorbuy, the largest South African Internet auction website.

The rogue emails purport to come from a hello@bidorbuy.co.za address and bear a subject of "Attention! Your BidorBuy account was stolen!"

This is a classic phishing attack where the victims are scared into exposing their credentials.

Traditional lures similar to this one include the threat of account suspension, fraudulent charges, suspicious activity, and so on.

The header and footer of the email body contain the Bidorbuy logo and copyright notice. The enclosed message is rather poorly formulated and reads:

"Attention! Your BidorBuy account was stolen! This is a must to ensure that only you have access and use of your BidorBuy account and to ensure a safe BidorBuy experience.

Please ckick on the link to recovery your account: https://www.bidorbuy.co.za/jsp/login/UserLogin.jsp

Please understand that this is a security measure intended to help protect you and your account. We apologise for any inconvenience."

Even though it appears to lead to an HTTPS secure website, the link points to a phishing page mimicking the Bidorbuy login form, which is hosted on a Russian server.

"It's worth everybody remembering that phishing gangs and cybercriminals don't just target users of multinational global brands such as eBay, PayPal and iTunes.

"They can also launch attacks targeted on local websites - hoping to make rich pickings if computer users aren't wary enough," warns Graham Cluley, senior technology consultant at Sophos.

The Bidorbuy company was founded in August 1999 and originally operated multiple online auction websites in countries like South Africa, India, Australia, Israel, Brazil, Argentina, Mexico, Italy and Spain.

The South African website is the only one still in operation and the company also bought stakes in other local Internet businesses, like the price comparison service Jump Shopping or online payment service PayFast.

TELL US WHAT YOU THINK:

893 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


New Phishing Scam Spotted on Facebook
New Steam Phishing Campaign Spotted
Bank of America Phishing Attack Delivers Spoofed Page via Trojan
Internationalized PayPal Phishing Attacks Spotted in the Wild
BT Customers Targeted by Phishers

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use