Increasing reports of phishing against NTT DoCoMo, paying attention to subject lines such as "d account lock" and "temporary suspension of use"

The Phishing Countermeasures Council has released information, saying that reports of e-mails that lead to NTT DoCoMo and phishing sites are increasing. The site is up and running as of 15:00 on September 14th, so keep an eye out for it.

The following are confirmed as the subject lines of phishing emails.

NTTドコモをかたるフィッシングの報告が増加、「dアカウントのロック」「一時的な利用停止」などの件名に注意

The body of the email has the following content, and it is said that the service of the d account has been stopped, and it is instructing to access the URL described.

Example of email text (from emergency information of the Anti-Phishing Council)

The destination is a website disguised as the login page of the d account, and you will be asked to enter the ID of the d account. After entering, the password entry screen will be displayed continuously.

Screen of the fake site of the guidance destination (from the emergency information of the anti-phishing council)

The following URLs of the phishing sites to which you are directed have been confirmed. Be aware that other similar domain names may be used.

https: // omm. ●●●●.cn/https://nttdocomo.jp.●●●●.com/https://ntt-docmo.●●●●.cn/https://coser.● ●●● .cn / https: //doser.●●●●.cn/https://momin.●●●●.cn/https://doco.●●●●.cn/https://www .ntt-docono-info. ●●●●.top/https://www.demo.coco.●●●●.cn/https://www.shopping.dmkt-sp.jp.●●●●. shop / https: //goodluck.●●●●.cn/https://servee.●●●●.cn/https://server.●●●●.cn/https://servet.●●● ● .cn /

The Phishing Countermeasures Council points out that "phishing sites are often created by copying the screens of real sites and are extremely difficult to distinguish." In addition, since similar phishing sites may be published, caution is advised to access from the official app or web browser bookmarks instead of using email or SMS links when logging in to the service. There is.

Related Articles