The link arrives on WhatsApp and the temptation does not give way: you have to open it. But urgent appears the message from the same contact who sent it: “Don’t open it, they tell me it’s a virus.” It happens from time to time and this week its involuntary protagonist is a supermarket chain. Attention, it is not a virus nor will it damage your cell phones, but it is a misleading advertisement.
Is that a new hoax is circulating through WhatsApp in which criminals use the image of Carrefour to make users believe that the multinational chain is giving away cards with money. The goal of this social engineering campaign is to drive traffic to sites that display misleading advertising.
The place Welivesecurity He explained it very well in an interesting note: the message seeks to convey a sense of urgency so that potential victims do not waste time and click on the link that will allow them to access one of the 500 cards with $ 19,800 that Carrefour is giving away for their anniversary . However, if the user takes time to analyze the message, they will find elements to doubt about the legitimacy of the message. For example, that the URL they invite to access does not correspond to the one on the company’s official site.
After accessing the link, you see a site that, in addition to reinforcing the message of the alleged promotion, includes a counter that begins to decline and indicates the number of cards that are supposedly left to give away. The goal of this strategy is to convince the potential victim to quickly access the site and not overthink it. One detail that shows that it is a deception is that if the page is updated the number of available cards goes up again.
On the other hand, the message indicates that to access one of the cards that Carrefour is supposedly giving out on the occasion of its anniversary, a survey must be completed.
Upon completion of the verification process, the user is not only a victim of deception, but is also used to distribute the fraudulent message: the campaign forces them to share the message with their contacts if they wish to continue and access the benefit.
After having shared the message, an action that in some cases causes the sender to lower his guard when receiving the message from an acquaintance, the user is redirected to different advertising sites. From here on, any reference to the supposed promotion of the gift card will no longer appear. The operators behind the campaign seek to monetize the deception by sending traffic to pages on which advertising is displayed and that do not verify if the incoming traffic is redirected in a deceptive way.
No attempt was made to install any type of malicious code on the devices.
The domain used for these attacks was registered a few months ago, apparently in Panama, and makes use of the data privacy service of the person in charge, so there is practically no information about the owner.
To avoid being victims of this type of deception that comes through WhatsApp or similar and in which the identity of a known brand is impersonated through the use of social engineering techniques, it is important that users are attentive and learn to recognize this kind of fraudulent messages before clicking or sharing. In this sense, it is recommended to take a few seconds to review the URL of the message in detail and verify that it is legitimate and not a false URL, do a search on the official website to verify that the benefit referred to in the message that reaches us is mentioned or if there is more information about the promotion.
–
