Phishing (fraud) site that steals credit card information by disguising Japanese version of Google Play appeared

Japanese version of Google PlayThere is a phishing site that attempts to steal account information by camouflaging it. It seems that there is no doubt that the target is Japanese as it is Japanese version.

Example of Japanese phishing website on 'Google Play', Confirmation by SMS | Trend Micro Security Blog
http://blog.trendmicro.co.jp/archives/14462

I announced on the official blog that Trend Micro of the security countermeasure software confirmed the example of a phishing site that impersonated the Japanese version of Google Play and let users enter Google account information and credit card information.

The signature is to send an SMS to a phishing site. According to Trend Micro, the specified URL is an address that is not a Google.com domain, but there is a possibility of mistaking it as a shortened URL. As far as the text is concerned, we are requesting to add payment information for the Google Play account. Tap this URL ......


A form asking for a Google account, password, credit card number will appear. Whether you are asking for information on the Google Account itself to add payment information (credit card information) to your Google Account, it is strange if you think carefully, but the possibility that you will not be wondering about the possibility It seems likely. In addition, there are still many doubts about not being the URL of the google.com domain as usual, the logo of the Google Play logo is also the old logo, but I can not say that I will not be cheated inadvertently.


This phishing scam that hits Japanese version of Google Play using SMS seems to be a target for Japanese who use smartphones. According to Trend Micro, phishing sites pretending to be Google Play by SMS of this hand had been confirmed around July 2016, but those which pretended as Japanese version began to be confirmed from mid January 2017. Attention is required for dubious sites asking for registration of Google account information and credit card information from SMS.

According to Trend Micro, account information used for authentication with multiple services like a Google account is highly valuable to cyber criminals and it will continue to be targeted. In addition to Google accounts, it's better to be alert about phishing sites aimed at Apple ID, Yahoo! account, Microsoft account, Amazon account,