Information from analysis of over 130 thousand*1 emails purporting to be from Rakuten Marketplace, which were thought to have spread since Dec.11, has been made public.

TOKYO, Japan (December 19, 2018) - Digital Arts Inc. (headquartered in Chiyoda-ku, Tokyo, Japan, CEO: Toshio Dogu, hereinafter referred to as "Digital Arts", Code 2326), a leading provider of information security software, announces that it has made public information from analysis of over 130 thousand*1 emails purporting to be from Rakuten Marketplace which were thought to have spread since Dec.11.

From April 2018 onward, suspicious e-mails appearing to have been sent by Rakuten Marketplace have been distributed*2, particularly between Dec.11 and 13 a large volume of e-mails were sent out.This can be thought of as an attack campaign set to coincide with Christmas and New Years' sales.

Information made public

• E-mail subject line
• URL links contained in e-mail
• File names that would be downloaded
• File HASH values
• Infection process
• How our company's products are dealing with the threat
• Procedure to deal with the threat

Users of any of the following Digital Arts products: i-FILTER ver.10 security software for businesses and public agencies, m-FILTER ver.5 e-mail security software and DigitalArts@Cloud which is a cloud-based solution for both of the above, can use a whitelist database (below referred to as "DB") function to preventively block this threat.

FILTER ver.10 / i-FILTER@Cloud Whitelist DB

As the DB covers all the domestic websites searchable through search sites, it is possible to block access to unsafe URLs not categorized within the DB, avoiding obstruction of legitimate business-based web browsing.Also, unknown potentially dangerous URLs that are not yet categorized are reported to Digital Arts' cloud-based DB, with all personal information removed from the access data, and then analyzed by Digital Arts to be added to the DB within around three working days.

m-FILTER ver.5 / m-FILTER@Cloud Whitelist DB

By collecting and combining a list of safe IP addresses and e-mail domains into a DB and distributing it, users can receive e-mails only from sources determined to be safe.That combined information is reported to Digital Arts' cloud-based DB with all personal information removed from the email information, after which Digital Arts analyzes unregistered combinations and adds them to the DB within around three business days.

Digital Arts will continue to gather data on ever more complicated external attacks in order to strengthen and improve the functions of i-FILTER ver.10 and m-FILTER ver 5.

• *1 *1 In-house research.Conjecture based on the number of infected client companies against the total number of client companies.
• *2 Source: [Caution] Please beware of the e-mails purporting to be from Rakuten Marketplace (order content confirmation e-mail) Link in Japanese: