InfoSec
Make Use of Cousin URL
Phishing emails commonly rely on social engineering. The spoofed messages copy the tone, logos and names of the organisation they impersonate so that they appear to come from the legitimate organisation, with the aim of enticing the recipient into entering personal information on a fake website. These fake websites are normally reached through cousin URLs, addresses that closely resemble the URL of the genuine website.
For example, the following are cousin URLs that have been used by bogus websites impersonating banks in Hong Kong.
| List of banks | URL | Examples of Bogus Cousin URL |
| --- | --- | --- |
| Bank of China (Hong Kong) Limited (BOCHK) 中國銀行(香港)有限公司 | www.bochk.com | www.bochkvip.com, www.bchk.cn |
| Bank of East Asia, Limited (BEA) 東亞銀行 | www.hkbea.com | www.onlinebea.com, www.boeasiauk.com, www.boeauk.com, www.ebeauk.com |
| Dah Sing Bank Limited (DSB) 大新銀行 | www.dahsing.com | www.daxinte.com, www.dlfh.com, www.dasxin.com |
| DBS (Bank) Hong Kong Limited 星展銀行(香港)有限公司 | www.dbs.com | www.dbshk.net, www.dbsbankhk.com |
| Fubon Bank 富邦銀行 | www.fubonbank.com.hk | www.fubonhk.com |
| Hongkong and Shanghai Banking Corporation Limited 匯豐銀行 | www.hsbc.com | www.hkhsbc.com, www.hkebc.com, www.hsbccom.hk |
| International Bank of Asia Limited (IBA) 港基國際銀行有限公司 | www.iba.com.hk | www.hkiba.com, www.ibabankhk.com |
| Industrial and Commercial Bank of China (Asia) Limited 中國工商銀行(亞洲) | www.icbcasia.com | www.icbc-online.com, www.icbcasiachina.com, www.icbcasiachina.cn |
| Standard Chartered Bank (Hong Kong) Limited 渣打銀行(香港)有限公司 | www.standardchartered.com.hk | www.stbhk.com |
| Wing Lung Bank Limited 永隆銀行有限公司 | www.winglungbank.com.hk | www.winglungonline.net |
Make Use of Bogus URL and Browser Vulnerabilities
Some bogus websites make use of URI syntax to form a bogus URL that hides the real address of the fraudulent site. The URI syntax permits user information before an "@" in the authority part, "%" percent-encoding and Unicode (internationalised) characters, each of which can make a link read as one site while resolving to another.
Microsoft reported a vulnerability in how Internet Explorer handled such URLs (security bulletin MS04-004, issued in February 2004). A malicious user could use this syntax to craft a hyperlink that opens a bogus website rather than the legitimate website it appears to point to, and could also keep the address actually visited from being displayed in the Address Bar and Status Bar of the web browser.
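The following is an added example (JavaScript, not code from the original page) that shows how the three syntax features above play out in the WHATWG URL parser used by current browsers and Node.js: the text before "@" becomes userinfo rather than the destination, a Unicode look-alike label is converted to a different punycode host, a percent-encoded "@" inside the host is now rejected outright, and a cousin host embeds the genuine name in a different domain. The expected host www.hsbc.com is taken from the table above; 203.0.113.5 and evil.example are placeholder attacker addresses, and the sample links are constructed for illustration.

```javascript
// Added example: report where a hyperlink actually resolves, as opposed to
// what a recipient is meant to read. Assumes the WHATWG URL parser that is
// global in Node.js and browsers. www.hsbc.com is the genuine host from the
// page's bank list; 203.0.113.5 and evil.example are placeholder attacker hosts.

const LEGITIMATE_HOST = "www.hsbc.com";

// Percent-decode defensively: userinfo may carry escapes such as %01 that
// decodeURIComponent accepts, or truncated escapes that make it throw.
function safeDecode(s) {
  try { return decodeURIComponent(s); } catch (_) { return s; }
}

function analyseLink(href, expectedHost = LEGITIMATE_HOST) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    // e.g. a percent-encoded "@" inside the host ("www.hsbc.com%40evil.example")
    // is rejected by current parsers; older browsers decoded it first.
    return { href, ok: false, reason: "rejected by URL parser: " + e.message };
  }
  const host = url.hostname; // Unicode labels are already converted to xn-- punycode here
  const findings = [];

  // 1. "user@host": everything before the "@" is userinfo, not the destination.
  if (url.username !== "" || url.password !== "") {
    findings.push(`text before "@" is userinfo ("${safeDecode(url.username)}"); the real host is ${host}`);
  }
  // 2. Internationalised labels: the browser connects to the punycode form,
  //    so a look-alike Unicode character yields a completely different host.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    findings.push(`internationalised host, actually ${host}`);
  }
  // 3. Plain cousin hosts: the genuine name embedded inside a different domain.
  if (host !== expectedHost) {
    const bare = expectedHost.replace(/^www\./, "");
    if (host.includes(bare)) {
      findings.push(`cousin host: "${bare}" appears inside ${host}`);
    }
    findings.push(`destination host is ${host}, not ${expectedHost}`);
  }
  return { href, ok: true, host, findings };
}

// Constructed sample links: what each looks like versus where it goes.
const SAMPLE_LINKS = [
  "http://www.hsbc.com@203.0.113.5/login",    // "@" trick
  "http://www.hsbc.com%40evil.example/login", // percent-encoded "@" in the host
  "http://www.hsbс.com/login",                // "с" is Cyrillic U+0441, not Latin "c"
  "http://www.hsbc.com.evil.example/login",   // cousin host
  "http://www.hsbc.com/login",                // genuine
];

for (const link of SAMPLE_LINKS) {
  console.log(JSON.stringify(analyseLink(link)));
}
```

The hostname a parser returns, not the text a user reads, is what the browser connects to; any link checker or mail filter should compare that value against the expected host, after punycode conversion.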
Other Common Techniques
Use the look of a legitimate website but redirect the visitor to another bogus website or a pop-up window to confuse visitors.
Use cross-site scripting to plant malicious code or scripts on a legitimate website, so that the malicious scripts are sent along with the legitimate web content to the visitor's browser and executed on the visitor's computer to steal his credentials, exploit vulnerabilities in his browser or redirect the browser to other fraudulent websites.
Visual spoofing: open a pop-up browser window without the address bar, menu bar and status bar, then rebuild the menu bar, address bar and status bar inside the page so that they display fake information. The fake status bar shows the "lock" icon to mislead visitors into believing that a secure SSL session has been established.
Use a META tag to redirect the visitor from what appears to be the real site to the fraudulent site behind it.
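Two of the techniques above, the META refresh redirect and the chromeless pop-up used for visual spoofing, leave recognisable traces in page source. The following added JavaScript (not code from the original page) scans constructed sample pages for both: a META refresh whose target is on a different host from the page itself, and a window.open call whose feature string hides the location, status, tool or menu bars. The sample pages and the page origin http://www.hsbc.com/ are constructed for illustration; the redirect targets reuse two cousin URLs from the table above (www.hsbccom.hk and www.hkhsbc.com).

```javascript
// Added example: flag off-site META refresh redirects and chromeless pop-ups
// in page source. Regex-based for a self-contained demonstration; a production
// check would walk a real DOM. Sample pages below are constructed, with the
// page origin assumed to be http://www.hsbc.com/ (the genuine host from the
// page's bank list) and redirect targets taken from the cousin URL table.

const SAMPLES = {
  metaRefresh: `<html><head>
<meta http-equiv="refresh" content="0; url=http://www.hsbccom.hk/login">
</head><body>Loading...</body></html>`,
  popupSpoof: `<html><body><script>
window.open("http://www.hkhsbc.com/ib", "ib",
  "toolbar=no,location=no,status=no,menubar=no,width=600,height=400");
</script></body></html>`,
  clean: `<html><head>
<meta http-equiv="refresh" content="30; url=/session/keepalive">
</head><body><a href="/login">Log on</a></body></html>`,
};

// Browser window features that, when switched off, let a page draw its own
// fake address bar, status bar (with a fake lock icon) and menus.
const CHROME_FEATURES = ["location", "status", "toolbar", "menubar"];

function scanPage(html, pageOrigin) {
  const base = new URL(pageOrigin);
  const findings = [];

  // 1. META refresh pointing at a different host than the page itself.
  const metaRe = /<meta\b[^>]*http-equiv\s*=\s*["']?refresh["']?[^>]*>/gi;
  for (const tag of html.match(metaRe) || []) {
    const content = /content\s*=\s*["']([^"']*)["']/i.exec(tag);
    if (!content) continue;
    const parts = content[1].split(/;\s*url\s*=\s*/i); // "delay; url=target"
    if (parts.length < 2) continue;
    const target = new URL(parts[1].trim(), base); // resolve relative targets
    if (target.host !== base.host) {
      findings.push({ technique: "meta-refresh", target: target.href, delay: parseInt(parts[0], 10) });
    }
  }

  // 2. window.open(url, name, features) with browser chrome switched off.
  const openRe = /window\.open\s*\(\s*["']([^"']+)["']\s*,\s*["'][^"']*["']\s*,\s*["']([^"']*)["']/gi;
  let m;
  while ((m = openRe.exec(html)) !== null) {
    const features = m[2].toLowerCase();
    const hidden = CHROME_FEATURES.filter((f) => new RegExp(f + "\\s*=\\s*(no|0)\\b").test(features));
    if (hidden.length > 0) {
      findings.push({ technique: "chromeless-popup", target: new URL(m[1], base).href, hidden });
    }
  }
  return findings;
}

for (const [name, html] of Object.entries(SAMPLES)) {
  console.log(name, JSON.stringify(scanPage(html, "http://www.hsbc.com/")));
}
```

A same-host refresh such as the session keep-alive in the clean sample is ordinary behaviour and is deliberately not reported; the signal is a redirect or pop-up whose destination host differs from the page the visitor believes they are on.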
Copyright 2002. The Government of the Hong Kong Special Administrative Region.