Phishing and Online Scam in China

Presented at DEF CON 19 (2011), Aug. 6, 2011, 6 p.m. (20 minutes)

Today, Ebay, Paypal and WOW are all popular targets of global phishing. However, phishing in China is different from that in other countries. The Chinese government has already placed a lot of focus on this issue, however, online scams have already gone beyond the traditional scope of phishing. For example, one of the top five phishing targets is CCTV, which is an official Chinese TV station that produces several of the most widely distributed Chinese TV channels. I will explain how hackers get money through CCTV phishing. In the first part of the presentation, I will introduce the event about massive online bank phishing attacks, which target customers of the "Bank of China" at Feb, 2011. Then, I will share information about popular scams, which try to trick people into believe they won the lottery or bought cheap tickets. Finally, I will show a case about Taobao phishing, analyze its framework and the source code behind it.

Presenters:

• Joey Zhu - Staff Engineer, Trend Micro Inc.
  Joey Zhu is a staff engineer at Trend Micro Inc. He joined Trend Micro's CoreTech team in 2005. He is highly experienced on threat knowledge and developed the sandbox for TrendLab when working as an expert at PH in 2007. Since 2008, he has been the leader of the ScriptAnalyzer project, which is analyzing HTML/Script to clean up web threats for browsers. Now he is also focusing on anti-phishing solutions.

Links:

• https://defcon.org/html/defcon-19/dc-19-speakers.html#Zhu
• https://infocon.org/cons/DEF CON/DEF CON 19/DEF CON 19 video and slides/DEF CON 19 - Joey Zhu - Phishing and Online Scam in China - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=a2qdH2N4g6M

Similar Presentations:

• DerbyCon 3.0 All in the Family (2013) / Phishing Like The Pros
• DerbyCon 3.0 All in the Family (2013) / Phishing Frenzy: 7 seconds from hook to sinker
• THOTCON 0x5 (2014) / Phishing Frenzy: 7 seconds from hook to sinker