The holidays are an ideal opportunity for fraudsters, who do not miss an opportunity to steal personal data and money, just when everyone is enjoying themselves and their defenses are down.
At this time of year, its experts Kaspersky identified phishing cases created around the Christmas and New Year period: fraudsters camouflage the theft of personal data and money as competitions.
1. Phishing scams targeting personal accounts
Some phishing sites aim to obtain data by infiltrating users' personal social media accounts and messaging apps under various guises. They ask for information which, once submitted, goes straight into the hands of scammers.
One such phishing incident was recently detected in Singapore. Fraudsters have created a sophisticated phishing website targeting people with the promise of alleged payments in the New Year from Singapore Ministry of Finance. This deceptive website was designed to mimic the Ministry's branding, giving it an air of credibility. To receive payment, visitors were asked to enter their account details at Telegram.
Once the user enters the account information in Telegram, the fraudsters can then gain full access to the account, potentially leading to digital identity theft, access to private conversations, and the ability to impersonate the victim for further malicious activity.
2. Phishing sites that impersonate banks for New Year's contests
Another phishing technique designed to trap those who believe in miracles is the bank lottery. As New Year's Eve is a season of offers and giveaways, scammers have created phishing websites that invite users to enter giveaway contests with the aim of obtaining victims' bank details.
An example of this New Year scam specifically targeted Filipino citizens. In this design, people were directed to a website that asked them to spin a wheel for a chance to win a sum of money. After spinning the wheel, users were shown their supposed winnings and asked to choose between various banks where the supposed funds could be deposited.
After making the choice, users found themselves on phishing websites designed to mimic legitimate online banking interfaces. This deceptive tactic was the final move in the scam, aiming to trick victims into gaining access to their banking credentials and ultimately their funds.
3. Fake New Year crypto gift-boxes without Pokémon
Stealing a wallet with even a few tenths of a bitcoin already brings the fraudsters a significant profit, so they put a lot of effort into creating believable phishing messages and websites, making it harder for the user to notice something wrong.
Fraudsters in one such case created a phishing page copying the official offer of Courtyard.io, a site that allows users to turn physical collectibles into tokens. The original website Courtyard.io invited users to sign up and buy a box containing a card on New Year's Eve Pokémon.
So the scammers created a phishing page with the same offer, however, to get the surprise box visitors had to link a cryptocurrency wallet, resulting in their funds being stolen.
To avoid scams linked to seasonal offers, its experts Kaspersky share some simple tips:
- Verify the source. Before participating in any special offer, verify the legitimacy of the source. If it's from a well-known brand or organization, check their official website or social media channels to confirm the contests.
- Enter the address URL in the address bar. Do not open the link from Email: can be a link Phishing. Whenever there is a need to open a website, it is always better to type the address URL of in the address bar avoiding any links present in the Email.
- Look up red flags on offer. Be wary of offers that seem too good to be true, such as winning a large sum of money or expensive prizes with little or no effort. This is especially difficult when it comes to cryptocurrency transactions: scammers will do everything they can to make an offer look valid.
- Do not share personal information. Legitimate giveaways rarely ask for sensitive personal information upfront. Be wary of any request for details such as bank account numbers, passwords or social security numbers.
Press Release
Do not forget to follow it Xiaomi-miui.gr on Google News to be informed immediately about all our new articles! You can also if you use RSS reader, add our page to your list by simply following this link >> https://news.xiaomi-miui.gr/feed/gn
Follow us on Telegram so that you are the first to learn our every news!
