Contributor: Avdhoot Patil
Promotion for Telugu movies has gained momentum in the world of phishing as they continue to be targeted with phishing scams. The phishing site featuring the movie “Brindavanam” is one example. In a more recent case, phishers used a captivating song from the Telugu movie, “Saitan” as bait.
The phishing site displayed a picture from a captivating musical number from the movie “Saitan” starring Telugu actress, Santosh Samrat, and Sri Lankan film and teledrama actress, Akarsha, on the left side of the phishing page. The picture from the musical number was taken from the legitimate movie website. The phishing site was titled, “Samantha & Kajal Very Hot Song” but in fact, these celebrities were not a part of this movie. Phishers used the popularity of these celebrities to attract large numbers of Samantha and Kajal fans.
The phishing page then encouraged users to enter their login credentials and stated that after logging in, they could watch the video. After a user's login credentials were entered, users were redirected to the legitimate movie website which featured a different song from a different movie, “Ye Maya Chesave”, starring Naga Chaitanya and Samantha Ruth Prabhu.
Due to the intimate nature of the musical number and the use of misleading names, phishers were probably hoping for a large audience, increasing the number of user credentials they could steal. If users fell victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes. The phishing site was hosted on a server based in Montreal, Canada.
Internet users are advised to follow best practices to avoid phishing attacks:
- Do not click on suspicious links in email messages
- Do not provide any personal information when answering an email
- Do not enter personal information in a pop-up page or screen
- Ensure the website is encrypted with an SSL certificate by looking for the padlock, “https”, or the green address bar when entering personal or financial information
- Update your security software frequently (such as Norton Internet Security which protects you from online phishing)