False gift cards used to persuade users to provide personal data online



[ad_1]

Kaspersky Lab's experts point to the emergence of a new pattern of fraud through which users are led to reveal their personal data. The method involves the use of fake websites to generate so-called free gift cards, ceded after filling out a form in which personal data is entered. The information collected is "sold" to partner sites, to which the victims are finally redirected.

The free offer of something valuable is always attractive in marketing, and criminals profit from it. Sites that offer users the ability to generate free gift cards for known companies like iTunes, Google Play, Amazon or Steam are not new. For example, legitimate applications such as Tokenfire and Swagbucks buy card manufacturers from manufacturers and then provide rewards to customers for certain activities. Offenders identified the popularity of these sites and decided to mislead users using a simple algorithm.

At a fake site, the user is asked to select the gift card for which he wishes to receive the code. After that, the fraudulent mechanism is set in motion. In order to obtain the generated code, the user must prove that he is not a robot. He is then invited to enter the suggested link and fill in various information, their number and type according to the network of partners to which they have been redirected. For example, you may be asked to fill in a form, leave your phone number or email address, subscribe to a paid SMS service, install adware, and so on.

To avoid falling into the trap of cybercriminals and losing personal data, Kaspersky Lab researchers recommend users to follow a few simple rules:

  • Keep in mind that too many good offers should always be viewed with skepticism.
  • Check the HTTPS connection and the domain name when opening a page. This is even more important when opening brosers containing sensitive data – such as online banking sites, online shops, email, social media, and so on.
  • Do not disclose sensitive data, such as authentication or card. Real companies will never request such information by e-mail.
  • Do not send suspicious links to friends
  • Check with the company if it really gives gift cards and if the site is their official partner. For this, contact technical support on the company website
  • Use an effective security solution with anti-phishing technologies based on the detection of spam and phishing attacks

" The success of these new fraud tactics are based on the fact that criminals exploit the will of users to receive something free "says Lyubov Nikolenko, web content analyst, Kaspersky Lab. But at best, they will waste time doing something useless, and in the worst case, they will lose money without receiving anything in return. So, if you want a free gift card, try to get it from legitimate and reliable websites . "

The result is predictable: either the victims are content to give infinite information, or they end up receiving the useless code. Criminal earnings range from a few cents per click on a link to several tens of dollars to fill out a form or subscribe to paid services. So. Offenders derive a real benefit from nothing, being paid as a result of the user's actions on partner sites that also benefit from access to personal data, writes go4it.ro

[ad_2]
Source link