Users of Alibaba.com are being targeted with a new phishing campaign. The campaign is spoofing the sender’s email address to look like a legitimate Allibaba.com contact, feedback@service.alibaba.com and the subject line is “Alibaba member account verification.” The emails in question ask users to verify their account information and contain a link to a fake Alibaba.com login page. After the users enter their email address in the fake Alibaba.com web page, they’ll receive a message which states, “Verification Completed, Your email will not be included in any spam or fraudulent list. You are now safe to access your email. Thanks for using our email verification system.” 

If the user has been tricked into providing their login credentials to the fake website, the perpetrators of the phishing scam will be in possession of their username and password for Alibaba.com and may access the information contained therein. It’s important to note that as phishing campaigns are reported, those behind the campaign may alter the spoofed email address and messaging, including the subject line and body of the email, to continue to trick users.

Alibaba.com is an online marketplace which facilitates retail, wholesale trade, cloud computing and other services. It also connects Chinese exporters with companies around the world. The site hosts millions of merchants and businesses as well as users. Alibaba’s combined business ventures make it one of the world’s largest e-commerce companies: according to SimilarWeb, the website received almost one billion visits last month. 

The Alibaba.com phishing campaign was discovered by researchers at Comodo Antispam Labs which identified the emails through their IP address, domain, and URL analysis. According to the researchers, “For the System IT Administrators who think their IT may be susceptible to the spoofed phishing email and want to help protect their infrastructure, the sending IP address is 91.231.87.147 and webmaster@uam.name is the original sender of the email.” Such campaigns often target popular websites such as online retailers or utilize the holiday shopping season to spoof emails from shipping providers like DHL and FedEx.