Such attacks are by no means exceptional across the entire Internet. “On duty Sbazar.czAs with other Internet services, fraudsters turn their attention from time to time. This is reflected in the offer of allegedly valuable and luxury goods at irrelevant low prices, “said a company spokeswoman Seznam.cz Aneta Kapuciánová.
–
“We recommend our users in our e-mails as well Helpto be very cautious in responding to similar offers. If we have reported fraudulent conduct on the service from our users, we immediately check the given advertisement and its advertisers and possibly block them, “stated Kapuciánová.
–
“Due to the increasing number of fraudulent advertisements in recent times, we will add a caution warning and a link to the Help, in which we advise you how to shop safely on the Internet and what to watch out for, as well as the Sbazar.cz main page,” concluded the List spokeswoman. .
–
How does the attack work?
Fraudulent ads were found by analysts from Avast Threat Labs on the portal Sbazar.cz several. An attractive price tag of goods, however, can end up costing users very expensively. The attackers are in fact trying to lure sensitive personal data, such as complete credit card information, from trusting.
–
More attentive users will probably notice that the ads contain grammatical errors and often have unnatural sentence wording, which suggests the use of a machine translator. However, confidants will probably still be seduced by an attractive price tag and will react to a suspiciously advantageous offer.
–
“Then you have to contact the seller using the contact form, which is always attached to the advertisement. The type of communication conducted is determined by the attackers. In our case, we were asked to move the conversation to the WhatsApp communication application, “Avast researchers explained the course of the attack.
–
Demonstration of communication with fraudsters.
Photo: Avast
Personal meeting? Quarantine…
In subsequent communication, attackers always refuse personal meetings, usually making excuses for quarantine. So if people are interested in the goods, the only option is to transport by courier service from Sbazar. And this is the first big clue that this is a scam, Sbazar has no courier service of his own.
–
“The attackers immediately send a link to the alleged Sbazar website, where the user can order courier services. The sent link does not belong to Sbazar, but the website is similar in design. When expressing doubts about the sent link, the attackers argue by sending another link with the same domain, on which there is a text with a description of the courier service. There is also a description of the procedure for ordering the service, “explained security experts.
–
The fraudsters claim that they will send the goods to Sbazar’s shipping company. But there is no such thing.
Photo: Avast
In the next step – after clicking on the payment button – the user is redirected to another fraudulent page that mimics the payment gateway. If people actually enter information from their credit card into it, they serve it to attackers like on a golden tray.
–
At the same time, the attackers obviously put a lot of work into creating a fraudulent site. “A look at the source code of the page revealed that the form verifies the correctness of the entered data. Clicking the confirmation button then reveals why this is the case. Greedy attackers from trusted users do not just want to get the amount listed for the exhibited item, but target the entire balance in their account, “explained security experts.
–
“The last step of the fraud requires entering a verification code from an SMS message. Most users are used to this for internet payments, but the amount does not correspond to the one in the previous form. Instead, fraudsters choose to pay an amount that the user has previously entered as an account balance,
–
