As Spring Festival is just around the corner, every one of us is busy thinking of New Year presents to buy for family and friends. However, shopping here and there is too troublesome. Now online shopping is the best option for reason of convenience. To pay online, just one click, enter card No., password. After that, the goods will arrive at your door. Lately, cybercriminals published faked or low-priced merchandizes and set up online payment web pages looking similar to a real banking site, but was actually a trap meant to trick online shoppers giving them their banking account details. Some victims reported their cases immediately through the internet once they found being cheated. Here we related some of these cases as reference to all. Online shoppers should beware of their tricks. Protect yourself and celebrate the Spring Festival with peace of mind.

【Spot a faked bank website】        【Scammers' common tricks】

【Case 1】                           【Case 2】

【Spot a faked bank website】
1. Website address (URL). URLs of true ICBC Personal Internet Banking home page and online payment web page begin with https://mybank.icbc.com.cn (or https://b2c.icbc.com.cn).
2. Padlock icon in browser and color-filled address bar. 128-bit SSL encryption is used for ICBC Personal Internet Banking home page and online payment web page. When they are opened, there is a "lock" icon displayed in the browser status bar. If your browser is IE7, color of IE browser address bar is green.
3. Reserved verification information. "Reserved verification information" is a service for ICBC customers to identify authentic ICBC websites, stop cybercriminals trick you to connect to their faked websites. First, you supply a paragraph of words ("reserved verification information") to ICBC. At the ICBC B2C online payment web page, once you enter card No. and verification code, your reserved verification information will be displayed on the web page automatically for you to check if the website is the true ICBC website. The website is a scam if you cannot find your reserved verification information on the web page or the displayed information is different from what is given by you.

【Scammers' common tricks】
Trick 1: Scammers attract you by all means to get your hands on their too-good-to-be-true prices, top-up cards, game cards. Then they snare you to their phishing websites through a variety of methods. Now, the scammer will ask you to pay 1 yuan or 2 yuan to prove that you can pay online. If you believe and go to the faked websites, the scammer will display a seemingly legitimate online payment web page of a bank and ask you to fill in your particulars.
Trick 2: Bogus website requires you to fill in payment card No., verification code and internet banking logon password. But an authentic ICBC online payment web page only prompts you to enter payment card No. and verification code, and displays your reserved information for you to check if the website is true once you enter correct details. Below is a snapshot of a faked website: three obvious flaws. I. The URL in the IE address bar is not https://mybank.icbc.com.cn. II. Customers have to fill in payment card No. and logon password. III. No padlock icon is displayed on the IE browser.
Trick 3: Once you enter card No. and logon password as usual, the faked payment web page displays a code card web page to make you believe you are on the ICBC website. But no display on the code card coordinates, only a red x, as below. The scammer then makes the excuse that ICBC system is busy because of upgrade or your internet speed is too slow, and asks you to refresh the web page many times until the code card coordinates are displayed.
Trick 4: After you enter the values shown in the code card coordinates, faked payment web page displays continuously a pop-up message "wrong code card password" and gives new code card coordinates. You then enter the value shown in code card coordinates and password many times.
Trick 5: Faked payment web page will ask you to enter at least two code card coordinate passwords, or gives a code card coordinate never existed, then ask you to enter the password.

【Case 1】
This is a story related by a Hubei victim:
I found this website selling virtual goods: http://www.65417.com (Jinding games.net). The website offers many cheap virtual goods, design of the website looks attractive with a comprehensive payment platform. I always buy virtual goods and I open an online shop in Taobao as well, so I wish to look for a good wholesaler. I then called up the website's customer service QQ: 130765402 ("Jinding Customer Services ②"). On the afternoon of February 15, I talked to Jinding customer service staff about buying a card. I thought of buying one World of Warcraft 600 Points card. If I was cheated, I only lost 22 yuan. So I followed the payment instructions given by the customer service staff. At the ICBC payment web page http://www.65417.com/b2c/ic.asp I entered my A/C and logon password.
At the final web page there were two crosses at the input box for code card. I asked Jinding customer service staff who asked me to refresh. I had to enter the corresponding alphabets after I refreshed. I entered the coordinates shown on my code card. No response. I logon my Internet Banking account to check. No suspicion since there was no change in the balance. Jinding customer service staff asked me to refresh and enter again. I followed the instructions, no response again.
I started to suspect something was wrong. I immediately checked my bank account, only 4-odd yuan left. I lost 575 yuan all of a sudden. I exit and logon again. The scammer has cancelled my Internet Banking. I then realized I have been cheated. I called police at once and ICBC customer hotline. ICBC staff asked me to go to A/C opening outlet to print the account details and reset Internet Banking. I went to A/C opening outlet on the afternoon next day and signed up Internet Banking again.  

【Case 2】
Mr. Han from Yinchuan suddenly received a message when shopping online. The message said that a digital website was running a promotion. Mr. Han was interested in a mobile phone only selling 850 yuan. He then checked up the website. The website had valid license and good reputation from the netizens. So Mr. Han followed the instructions to make the payment at the so-called "ICBC" Internet Banking. However, error came out every time when entering the password for code card coordinates. Mr. Han had no choice but went to ICBC to check. Only then Mr. Han found out more than 1000 yuan in the card has been transferred.