They mentioned that they are using a service to shorten the URL. One detail that caught attention is that the image accompanying the URL changes depending on where the victim opens the message, but it always looks real. ESET explained that this is an impersonation technique used by cybercriminals To make the victim believe the link is genuineHowever, upon entering the received link, the victim is redirected to another address that has nothing to do with the actual Adidas website.
When the victim enters the trucho link he sees it The number of masks that the sports brand is offering is rapidly decreasingBut this is part of the deception they do with fake animations to get the victim to rush to claim her prize.
The moment the process of receiving a supposed prize begins, the victim must answer a survey, and then be asked to do so Share the post with your WhatsApp contactsThus, cyber criminals make phishing propagate and received by victims from known and trusted contacts, which makes it more credible.
Finally, when the victim clicks “Finish,” another phishing site opens, directing the user to it. Activate membership via SMS.
If the victim clicks this button, the SMS app will open with a message ready to be sent to A group of not less than 20 phone numbers.
Attackers seek to send a bulk text message to at least 20 numbers registered with paid services, for which the victim must pay on their next phone bill. These numbers begin with the prefix +41, which corresponds to Switzerland, and They belong to a phone subscription service previously reported as related to fraudulent messages.
“As users, it is important to pay attention to these types of messages and not to enter our data, download an application, or accept a request for permits or notifications from any of these fraudulent sites. Often times, impulsivity or anxiety causes a user to click or fill in the information without Thinking and This is exactly what the attackers are looking for. It is essential to take a few minutes to analyze the process, think through, and review the sites and information required. Apply common sense when performing online and operations Avoid believing in any kind of advertisement or presentation that is too good to be true. Cecilia Pastorino, a researcher at ESET Latin America, advises.