According to Symantec report, One-Click Fraud has been targeting computer users in Japan for a while now. The fraud involves users attempting to access the porn movies. When a user try to access porn contents, Malware is downloaded along with the actual movie and infect the system.
The malware start to show annoying pop-up message that ask victim for payment to register in their website. Since they pop-up message is annoying, the users will try to pay with the hope that the pop-ups will disappear, although they may not actually disappear.
While one-click fraud is still common on computers, now these sites target smartphones ,specifically Android and the iPhone.The attack can work in Windows phone and Blackberries but this time they are not targeted.
The users become victim when they click the link in a spam mail or clicked on a link they have stumbled across on a website. Smartphones users got this link through spam mail.
The Spam mail:
The website will ask users to register. After Symantec researchers analyzed it, they found that the terms&coditions is being hide from users while registering, it only shows the end of the terms . It automatically mark the "accept terms and conditions".
After registration, they are asked to pay for the service within three days, which is an exorbitant Y55,000 (US$700). The site makes registration look real by displaying the IP address used by the phone, browser details, customer ID, and so on.
When exiting the registration page, a message pops up as a reminder that the user has indeed joined the service and tries to intimidate the user into paying by stating that details of the phone used for the registration have been saved by the site.
At this point, users are now subscribers and they have their own personal page that details when payments are due, how long they are subscribed for, a customer ID, and a unique 40-digit ID to make them think that the site owner can track them down.
The site does give an option of unsubscribing in accordance with the terms and conditions; however it fails to do the task.
Don't pay any amounts , if you fall for these type of attacks. Symantec recommends to close the browser and never visit the site again.
No need to worry about the Smartphones details that were displayed on the site, the site owner does not possess any relevant information about you or your phones to do them any harm. But if you decide to make payments or try to contact the website owner , it will collect your personal information such as bank details, email,phone numbers. These details can be used in future for malicious purpose.
The malware start to show annoying pop-up message that ask victim for payment to register in their website. Since they pop-up message is annoying, the users will try to pay with the hope that the pop-ups will disappear, although they may not actually disappear.
While one-click fraud is still common on computers, now these sites target smartphones ,specifically Android and the iPhone.The attack can work in Windows phone and Blackberries but this time they are not targeted.
The users become victim when they click the link in a spam mail or clicked on a link they have stumbled across on a website. Smartphones users got this link through spam mail.
The Spam mail:
“Would you like to connect to http://nm****.com/z1?”
The website will ask users to register. After Symantec researchers analyzed it, they found that the terms&coditions is being hide from users while registering, it only shows the end of the terms . It automatically mark the "accept terms and conditions".
After registration, they are asked to pay for the service within three days, which is an exorbitant Y55,000 (US$700). The site makes registration look real by displaying the IP address used by the phone, browser details, customer ID, and so on.
When exiting the registration page, a message pops up as a reminder that the user has indeed joined the service and tries to intimidate the user into paying by stating that details of the phone used for the registration have been saved by the site.
At this point, users are now subscribers and they have their own personal page that details when payments are due, how long they are subscribed for, a customer ID, and a unique 40-digit ID to make them think that the site owner can track them down.
The site does give an option of unsubscribing in accordance with the terms and conditions; however it fails to do the task.
Don't pay any amounts , if you fall for these type of attacks. Symantec recommends to close the browser and never visit the site again.
No need to worry about the Smartphones details that were displayed on the site, the site owner does not possess any relevant information about you or your phones to do them any harm. But if you decide to make payments or try to contact the website owner , it will collect your personal information such as bank details, email,phone numbers. These details can be used in future for malicious purpose.
Security Tips:
- If a user has unwittingly signed up for this site, user can just remove the cookies in their browser as that is what is being used to identify visits to the site. By deleting the cookie, the site will display its pages as if they never visited the site before.
- Never open a spam mail or click any links.
