False gift cards used to persuade users to provide personal data online



[ad_1]

Kaspersky Lab's experts point to the emergence of a new pattern of fraud through which users are led to reveal their personal data. The method involves the use of fake websites to generate so-called free gift cards, ceded after filling out a form in which personal data is entered. The information collected is "sold" to partner sites, to which the victims are finally redirected.

The free offer of something valuable is always attractive in marketing, and criminals profit from it. Sites that offer users the ability to generate free gift cards for known companies like iTunes, Google Play, Amazon or Steam are not new. For example, legitimate applications such as Tokenfire and Swagbucks buy card manufacturers from manufacturers and then provide rewards to customers for certain activities. Offenders apparently identified the popularity of such sites and decided to deceive users using a simple algorithm.

When on a fake site, the user is prompted to select the gift card that he wishes to receive the code. After that, the fraudulent mechanism is set in motion. In order to obtain the generated code, the user must prove that he is not a robot. He is then invited to enter the suggested link and fill in various information, their number and type according to the network of partners to which they have been redirected. For example, you may be asked to fill in a form, leave your phone number or email address, subscribe to a paid SMS service, install adware, and so on.

To avoid falling into the traps of cyber criminals and losing personal data, Kaspersky Lab researchers recommend that users follow a few simple rules:

  • Please note that good offers should always be viewed with skepticism
  • Check the HTTPS connection and the domain name when you open a page This is even more important when opening brosers containing sensitive data – such as online banking sites, online shops, e-mails , social media, etc.
  • Do not disclose sensitive data, such as authentication or card. Real-time companies will never request such information by e-mail.
  • Do not send suspicious links to friends
  • Check with the company if it really gives gift cards and if the site is its official partner. To help you, contact the support department on the company's website
  • Use an effective security solution with anti-phishing technologies based on spam detection and attack attacks. phishing

" The tactics of fraud are based on the fact that criminals exploit the will of users to receive something free ," says Lyubov Nikolenko, web content analyst, Kaspersky Lab. But at best, they will waste time doing something useless, and in the worst case, they will lose money without receiving anything in return. So, if you want a free gift card, try to get it from legitimate and trusted sites . "

The result is predictable: either the victims are content to give infinite information, or they end up receiving, the code useless.The criminal gains range from a few cents per click on a link to several tens of dollars to fill a form or subscribe to paid services.So.Criminals do virtually no profit, being paid as a result of user actions on partner sites that also benefit from access to personal data .

[ad_2]
Source link