ESET SPECIAL SITE

---

As of November 30, 2021, we have confirmed phishing that pretends to be Joshin web.

On such a phishing site, the authentication information (email address, ID, password), date of birth, phone number, credit card number, security code, expiration date, 3-D Secure authentication information, etc. Please be careful not to enter

When logging in to the service on a daily basis, please try to access it from the bookmarks of the browser you usually use, not from the link in the email or SMS.

[Email Subject]

[Joshin web] Card information update notice *Subjects other than the above may also be used.

[Site URL]

https://hone●●●●.cn/https://duan●●●●.cn/https://dali●●●●.cn/http://joshinweb-jp.●●●●.work /http://joshinweb-jp.●●●●.website/http://joshinweb-jp.●●●●.fit/ *Domain names and URLs other than the above may also be used. * The URL may have a path or parameters.

As of 2021/11/30 15:00, the phishing site is in operation. Please note that even if this site is taken down, similar phishing sites may be published. New phishing sites like this are being created every day. ESET products will continue to respond to newly created phishing sites as needed, but customers themselves should also be careful.

[Reference information]

Please be careful of fake sites and suspicious emails claiming to be Joshin web shops.

---

■ Examples of detection in ESET products

*If the anti-phishing function is enabled in ESET Internet Security V14.0/ESET Mobile Security V6.0, a notification like the one shown in the figure will be displayed.

---

■ Dealing with phishing emails/phishing sites

---

Canon IT Solutions Inc. (article provided by Cyber ​​Security Lab) is a full member of the Anti-Phishing Council.