The Canary Islands Computer Crime Observatory warns Internet users of a new scamAttention! There is a new computer scam and, on this occasion, it reaches users via WhatsApp. The Canary Islands Computer Crime Observatory warns that there is a new fraudulent promotional campaign designed for “victims” to bite into a very sophisticated scam. It is a scam on social networks where, supposedly, the draw for “A free trip to Lanzarote” is announced. Many users, lured by the obvious appeal of the ad, fall and sign up for this fraudulent giveaway.This ‘offer’, like many others like it, is a “Phishing” attack – a method that cybercriminals use to trick their victims and get them to reveal personal information (Social Security number, passwords,…) or sensitive financial information ( Credit card data, bank account numbers, …).
The Observatory warns that these promotional campaigns are advertised through Fake Websites and promoted through social networks, especially WhatsApp, going viral reaching thousands of people who share it among their contacts.
In a statement they explain the methodology used by cybercriminals so that many users fall into this deception: “ODIC analysts detect the existence of messages sent through WhatsApp where the hook used to make people believe that the draw is authentic is to attract with a attractive message that says “Check this out! A free trip to Lanzarote. I have already signed up. Join you too! Once the victim’s attention is called, he clicks on the existing link in the message, redirecting him to a “fake” website, in this case it is the following link http://lanzarotevacaciones.info/, where he must register with his name full and the city where the victim resides. Next, it redirects us to another page that we must unlock by sharing this fraudulent promotion with our contacts on WhatsApp. And so,
Steps to take in the face of a phishing attack
There are a series of steps that will help us detect this type of Phishing attack:
-Never click on the links that redirect us to “fake” websites with the intention of obtaining our personal data in order to impersonate us.
-Report to the relevant authorities the existence of “fake” websites with the intention of collecting information through phishing techniques