SINGAPORE – It might be the season of giving but people should beware of “free gifts” such as iPhones and Samsung handsets from well-known brands seeking feedback – it might just be a scam.
Cyber-security firm Group-IB on Tuesday (Dec 21) warned that there has been a spike in a type of scam that gleans information from unsuspecting victims and uses the data to trick them into thinking they could win prizes from brands, particularly telecommunication firms, by participating in polls.
Local telcos contacted did not comment directly on the scam but advised customers to be vigilant.
The scam uses what Group-IB called a “targeted link” directed at victims. It was first seen in 2018, with crooks exploiting dozens of brands globally, but this year, the number has jumped to at least 121 brands across 91 countries.
Scammers mostly posed as telecoms firms, with more than half of the brands exploited worldwide coming from the sector. This was followed by e-commerce and retail brands.
In Singapore, scammers targeted telecoms firms as well. In 2019, scams exploiting two brands were found – in both, the scammers posed as popular telecoms brands. The number of brands rose to five this year, and included entertainment and electronics manufacturing brands.
The increase could be due to the success of the initial scams and the Covid-19 pandemic, said Mr Ilia Rozhnov, head of Group-IB’s digital risk protection unit in the Asia-Pacific.
“The pandemic has fuelled more fears. You can hardly expect critical thinking from stressed-out and fearful citizens. People are overwhelmed with coronavirus fears. And scammers capitalise on that,” he added.
This comes amid a general rise in scams here by 16 per cent in the first half of this year, from the same period a year ago, the police said in August.
The targeted-link scam works by first putting out a message to potential victims through digital marketing, including through advertisements on social media platforms, SMS texts, e-mails and website pop-up windows.
To evade detection and blocking, the initial message does not mention specific brands and has a link in the form of a shortened URL to mask the real address.
The message promises victims that they can win valuable prizes by completing a survey or joining a lucky draw.
Once a person clicks on the link, he is redirected to various sites that gather information about him, such as the country he is in, his language preference and time zone. Using these details, a targeted link is created, which finally redirects the victim to a phishing site passing itself off as one from a well-known brand in the victim’s country.
This phishing site asks the victim to take part in a poll, such as to give feedback on the impersonated brand, but within a time limit.
Supposedly to claim the prize after that, the victim is urged to fill in a form asking for his personal data, such as his full name, e-mail address, postal address, phone number and bank card details. Victims may sometimes be asked to pay a tax or make a test payment before they can receive the prize.
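The redirect pattern described above (shortened link, several intermediate sites, visitor details passed along, a brand-lookalike landing page) can be checked against a recorded chain of URLs. The Python below is an added example, not code from Group-IB or this article; the hostnames, parameter names and brand mapping are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# All values below are constructed for illustration (assumptions, not from the article).
SHORTENERS = {"short.example"}                         # known link-shortener hosts
BRAND_DOMAINS = {"telcobrand": "telcobrand.example"}   # brand keyword -> its real domain
PROFILE_KEYS = {"country", "lang", "tz"}               # hypothetical visitor-profile parameters

SCAM_CHAIN = [
    "https://short.example/a1b2",
    "https://hop-one.example/r?id=77",
    "https://hop-two.example/go?country=SG&lang=en&tz=Asia%2FSingapore",
    "https://telcobrand-survey.example/poll?country=SG",
]
BENIGN_CHAIN = ["https://short.example/x9", "https://www.telcobrand.example/offers"]

def host(url):
    return (urlsplit(url).hostname or "").lower()

def analyse_chain(chain):
    """Return the scam traits found in one redirect chain (URLs in visit order)."""
    if not chain:
        return []
    findings = []
    hosts = [host(u) for u in chain]
    # Trait 1: the initial message hides the real address behind a shortener.
    if hosts[0] in SHORTENERS:
        findings.append("starts_at_shortener")
    # Trait 2: the visitor passes through several unrelated intermediate sites.
    if len(set(hosts[1:-1]) - {hosts[0], hosts[-1]}) >= 2:
        findings.append("multi_hop_redirect")
    # Trait 3: country/language/time-zone details appear in a later hop's URL.
    first_keys = set(parse_qs(urlsplit(chain[0]).query))
    if any((set(parse_qs(urlsplit(u).query)) & PROFILE_KEYS) - first_keys
           for u in chain[1:]):
        findings.append("profile_in_url")
    # Trait 4: the landing host names a brand but is not that brand's domain.
    final = hosts[-1]
    for keyword, legit in BRAND_DOMAINS.items():
        if keyword in final and final != legit and not final.endswith("." + legit):
            findings.append("brand_lookalike_landing")
    return findings

if __name__ == "__main__":
    for name, chain in (("scam", SCAM_CHAIN), ("benign", BENIGN_CHAIN)):
        print(name, analyse_chain(chain))
```

A shortened link on its own is common in legitimate marketing, which is why the benign chain raises only one trait while the constructed scam chain raises all four.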