Fraudsters Using Fake Gift Cards to Lure Consumers into Handing Over Personal Data
Kaspersky Lab warns of cybercriminals’ latest fraudulent schemes
Woburn, MA – July 19, 2018 – Kaspersky Lab experts have discovered a fraudulent scheme that uses the promise of free gift cards to trick consumers into parting with their time and data, for no return. By creating fake websites that generate codes for free gift cards, then redirecting victims to third-party partner sites, cybercriminals can profit off the sale of people’s personal data.
Offering something valuable free of charge is always enticing, and cybercriminals are taking advantage of this in the latest fraudulent schemes. Websites that offer customers free gift cards for well-known companies, such as iTunes, Google Play, Amazon or Steam, are nothing new. For example, legitimate apps like Tokenfire and Swagbucks buy codes from vendors, to then reward customers for completing certain activities. Criminals have recognized the popularity of such websites and are leveraging this to deceive consumers.
In this fraudulent scheme, consumers are directed to a fake website where they are asked to select the gift card they want. Then, to generate the code for the gift card, the user is instructed to follow a link and complete various tasks, the number and type of which are determined by the partner network where the user is redirected. For example, the victim may be asked to fill in a form, leave a phone number or email address, subscribe to a paid SMS-message, install adware and so on.
The result is predictable: either victims grow tired of completing seemingly endless tasks, or they finally receive a code that they will later discover is useless. The earnings for criminals on this scheme range from a few cents for every click on a desired link, to several dozen dollars for filling in a form or subscribing to paid services. Thus, cybercriminals can make a profit for virtually nothing, getting paid based on the user’s actions on the websites of third-party partners – who, for their part, also benefit by gaining access to consumers’ personal data which can be used for malicious purposes.
“The success of these new fraud schemes is based on criminals exploiting the drive of users to get something for free,” said Lyubov Nikolenko, web content analyst, Kaspersky Lab. “However, at best they will spend hours of personal time doing worthless tasks, and at worst they will lose money without receiving anything in return. So, if you want to get your hands on a free gift card, try to earn it on legal and trustworthy sites.”
To avoid falling for cybercriminals’ fraudulent schemes and losing personal data, Kaspersky Lab researchers suggest the following tips:
- Remember that there is no such thing as free, and always treat offers that seem too tempting to be true with skepticism.
- Check the HTTPS connection and domain name when you open a webpage. This is especially important when you are using websites which contain sensitive data – such as sites for online banking, online shops, email, social media, etc.
- Never share your sensitive data, such as logins and passwords or bank card data, with a third party. Trustworthy companies will never ask for data like this via email.
- Do not spread questionable links among your friends.
- Check with the company to confirm if it is really offering gift card codes, and whether any third-party site is an official partner. To do this, contact the company’s customer support service by reaching out on the official website.
- Use a reliable security solution with behavior-based anti-phishing technologies to detect and block spam and phishing attacks, such as Kaspersky Total Security, which blocks fake gift card sites.
To learn more about the mechanism of gift card generator fraud schemes, read our blog post on Securelist.com.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
Media Contact
Meghan Rimol
781.503.2671
meghan.rimol@kaspersky.com
Fraudsters Using Fake Gift Cards to Lure Consumers into Handing Over Personal Data
Kaspersky
Related Articles Spam News
New Kaspersky Lab Research Finds 32% of Shoppers Have Had Financial Information Compromised
Easy access to online shopping in combination with poor security habits puts consumer financial information at riskRead More >Black Friday Threat Alert: Popular Online Retailers Among Top Targets for Data-Stealing Malware in 2018
Banking Trojans target dozens of online shopping sites, with consumers in Europe, the U.S. and emerging markets particularly affectedRead More >Kaspersky Lab Report: The Number of Phishing Attacks in Q3 Reach Over 137 Million
This year's trend of fast growth in phishing attacks quarter over quarter continuesRead More >