According to a report by Eset Latin America, a type of fraud has been discovered circulating on WhatsApp, with criminals seeking to get people’s attention. Give them raffles on products returned to Mercado Libre.
These types of messages can reach potential victims from known contacts who have also fallen into the trapIn addition to the statement reporting withdrawals on 10,000 returned items, a zip link that promises to direct users to the official website of Mercadolibre, the company that cybercriminals impersonates, is sent.
This will be a fraud campaign Another phishing casebecause cyber thieves try to make their landing sites or landing pages look as real as possible, including elements like the Mercado Libre’s signature logo, colors, and fonts in this case.
In addition to copying the visual identity of the official web pages of an e-commerce site, criminals also Seeks to build trust by including false testimonials from purported winners From this draw and a questionnaire for users to express their opinion on the company’s service.
Being inside the fraudulent site and after answering a few questions, the user is redirected to a completely different type of draw than he was initially promised, this turned out to be much better, since the contestant has 3 chances to discover a prize, but no matter which option you choose You will always win. Expensive prizes like cell phones or cash.
As a condition for receiving the award, The claimed winner must share the link and offer with his or her minimum WhatsApp contacts, Causing the trap to spread far and wide without the cybercriminal having to step in, it is For this reason, deception is almost always sent by an acquaintance.
But like all fake internet bounties, after sharing the link, the victim is redirected to another website that contains Afraida kind of invasive ad warning that the cell phone has a system failure and therefore the app must be downloaded urgently.
for this moment, On any of the sites to which the user was redirected, the checkout is indicated again, And now the attackers are trying to get the attention of the potential victim by means of questionnaires, buttons or comments. however, At this point, people should already start to suspect that it was just a scam.
The cyber security company, Eset, reports that the button to download potential updates is no longer available on these malicious sites, however, these web pages still contain all kinds of misinformation such as advertisements for more gifts, rewards, and other types of invasive tabs.
– The most important suggestion of all is distrust and Open links for no reason that offer any kind of gift or reward from well-known companies, Because they are just excuses to get users’ attention.
– Although the website visually appears to be from a legitimate company, Verify that the link address is associated with the company, This time the domain had nothing to do with the official Mercado Libre URL.
– Ignore any advertisement displayed from a website that warns of computer viruses or device system malfunctions, because these types of notifications are always internal and displayed by the same cell phone or some installed antivirus.