List of “Phishing”

Incident

水野哲也 (Tetsuya Mizuno)

November 7, 2023

Credential Theft and Domain Name Hijacking through Phishing Sites

In early July 2023, JPCERT/CC confirmed a case of domain hijacking in which a domain used in Japan was unauthorizedly transferred to another registrar. This blog post describes the attack case. Attack overview Figure 1 shows the attack flow. The attacker first prepared a phishing site, which pretended to be a registrar on search site advertisements. Figure 1: the attack flow An attacker can steal account information and password (hereafter...
Read more
Incident

中井尚子（Shoko Nakai）

September 6, 2022

JPCERT/CC Releases URL Dataset of Confirmed Phishing Sites

JPCERT/CC releases a URL dataset of phishing sites confirmed from January 2019 to June 2022, as we received many requests for more specific information after publishing a blog article on trends of phishing sites and compromised domains in 2021. The list is available in the following GitHub repository. Phishing URL dataset from JPCERT/CC https://github.com/JPCERTCC/phishurl-list/ Each column contains the following: date: Date confirmed by JPCERT/CC URL: Entire URL of a phishing...
Read more
Incident

中井尚子（Shoko Nakai）

May 25, 2022

Trends of Reported Phishing Sites and Compromised Domains in 2021

JPCERT/CC received 44,242 incident reports in 2021 and of that 23,104 ...
Read more