China is full of phish

Chinese phishing websites have rocketed in the last year, with 223 reported in 2004 according to a new report.

The report from the Chinese National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT/CC) suggests China is increasingly being used to host websites created for nefarious means.

"In 2004 CNCERT/CC received reports of 223 counterfeit sites on the Chinese network," the CNCERT/CC 2004 report said. "The overwhelming majority came international organizations and security groups."

Many of the sites spoofed were financial institutions such as the Bank of China. Most of them are created outside the country by criminals making use of ineffective Chinese laws covering cybercrime, and the complicated Chinese network which is difficult to police.

"The Chinese network is incredibly complicated," said Steve Linford, director of anti-spam organisation Spamhaus, in a recent interview with SC. "The Chinese recognise the problem but I don't think they really have a handle on how to deal with it."

The CNCERT report detailed an overall rise in cybercrime. In all, it handled 64,686 network security events last year.

Yesterday SC reported an overall growth in both phishing and pharming. The Anti-Phishing Working Group's (APWG) February Phishing Trends report suggested social engineering is no longer the weapon of choice for phishers. Instead malicious coding and keyloggers are being used to extort money from users.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.