In April, Mike reported an increase of QQ phishing sites. This does not come as a surprise, QQ is the equivalent of Google + eBay + Paypal in China. QQ first started as an Instant Messaging site and has now evolved as a Chinese web giant, with e-mail, search, online auctions, online payments, etc.
QQ Security Center
The main target here is the QQ Security Center aq.qq.com, which is used, among other things, to retrieve lost passwords, confirm account ownership, etc. The phishing sites are exact copies of the original site.
- hxxp://www.qqaq.info/
- hxxp://aq.qq.com.inddexx.com/
- hxxp://aqq.txfree.net/aq/
- hxxp://aq.qq.com.cgi-get.tencant.com.cn/
- hxxp://aq.qq.sevrivae.cn-indvx.com/index.asp
- hxxp://qq2010hd.h7.8210.cn/qq/88.htm
Phishing site hxxp://www.qaq.info/ |
QQ Rewards
The other popular QQ phishing target is the Reward Center, where QQ rewards users for using their services. Fake QQ Reward Centers attempt to steal user credentials. Like for the QQ Security center scam, all phishing pages are nearly identical, and not detected by Phistank or Google SafeBrowsing.
QQ Reward phishing page |
- hxxp://ctqq.in/qq/
- hxxp://asdsdf.ns3.lianfa.info/qq2010/
- hxxp://1111aaaa.01kro.idcqq.net/3/
- hxxp://qqtx08.tk/
- hxxp://nghfyu585.us3.hg288m.com/qq1/
- etc.
hxxp://qqtx08.tk/ QQ phishing site |
-- Julien