Chinese Web users face wave of phishing and spam

The Internet is different in China, and not just because of the Great Firewall (arriving soon on desktops too).

A report from Symantec, the State of Phishing monthly report for May, published in June, shows that while phishing attacks in most countries focus on gaining access to banking credentials, attacks in China focus on gaining access to e-commerce credentials.

That’s because not many Chinese banks are online yet, according to Dermot Harnett, Symantec senior director of anti-spam engineering and a co-authors of the report.

“In China, attacks target accounts on auction sites. Banks are targeted in other countries,” he told

He added that when Chinese banks start implementing online banking, he expects to see their users targeted by phishing attacks.

The news comes as Chinese PCs increasingly becoming the source of attacks on users in other countries.

However, such attacks are often perpetrated by criminals outside of China, according Verizon Business’ Dr. Peter Tippett, founder of ISCA Labs which is now part of the company’s Cybertrust division. At the Cyber Infrastructure Protection ’09 (CIP 09) conference at the City University of New York (CUNY), he told attendees that there were twice as many attacks originating in Russia and the U.S. as there were attacks originating in China.

“Poorly configured PCs in China are often part of the attack, but a full investigation often shows that China is not the source,” he said.

Those poorly configured PCs are taking their toll on the quality of the Internet in China. According to the MessageLabs Intelligence Report for May 2009, China is the second most virus infected and spam afflicted nation in the world, behind only Brazil.

News Around the Web