TrendLabs reports that they have discovered several instances of “spear phishing”. Spear phishing is a specific type of phishing fraud that involves customizable emails and URLs directed at specific targets.
This time, the scammers modified the FROM field of the email so it looks like the sender is also an employee of the company the recipient works for. The URL in the email is also modified according to recipient, and takes him/her to a fake Gmail Taiwan login page, where the user’s email address is already entered. If he enters the password – he has been phished.
The phishing sites are registered in China, and it seems that the attacks are aimed at Taiwan government officials. The malicious domains are constantly changing so they don’t get blocked.