• Japanese-Language Phishing Emails Introduction For at least the past year or so, I’ve been receiving Japanese-language phishing emails to my blog email addresses at @malware-traffic-analysis.net. • I’m not Japanese, but I suppose my blog’s email addresses ended up on a list used by the group sending these emails. • They’re all easily caught by my spam filters, so they’re not especially dangerous in my situation. • However, they could be effective for the Japanese-speaking recipients with poor spam filtering. • Despite the different companies impersonated, they all follow a similar pattern for the phishing page URLs and email-sending addresses. • This diary reviews three examples of these phishing emails.

Article Summaries:

  • A blog author reports a wave of Japanese‑language phishing emails that have been sent to his blog’s email addresses for the past year. The messages impersonate well‑known companies-ANA (All Nippon Airways), DHL, and myTOKYOGAS-yet all use .cn domains for both the sender address and the phishing link. Email headers reveal the same X‑mailer (“Foxmail 6, 13, 102, 15 [cn]”) and similar IP addresses, indicating a single threat actor. While the author’s spam filters block the emails, recipients with weaker filtering could be tricked into revealing credentials. The author invites others to report similar incidents.
  • Japanese-Language Phishing Emails Introduction For at least the past year or so, I’ve been receiving Japanese-language phishing emails to my blog email addresses at @malware-traffic-analysis.net. I’m not Japanese, but I suppose my blog’s email addresses ended up on a list used by the group sending these emails. They’re all easily caught by my spam filters, so they’re not especially dangerous in my situation. However, they could be effective for the Japanese-speaking recipients with poor spam filtering. Despite the different companies impersonated, they all follow a similar pattern for the phis

Sources: