Skip to main content

Data for Nothing: Fraudsters Use Fake Gift Cards to Lure Consumers into Handing Over Personal Data


Kaspersky Lab experts have discovered the distribution of an unusual fraudulent scheme that tricks users into parting with their time and their data, for no return. By creating fake websites for the free generation of gift cards, cybercriminals are able to “sell” users’ data to third party partner sites, to which they redirect victims.

While industry and law enforcement agencies from around the world are busy fighting against cybercrime, criminals themselves are constantly looking for new ways of earning money – other than just malware. Offering something valuable free of charge is always an enticing piece of marketing, and criminals can take advantage of this.
Websites that offer customers the option of freely generating gift cards for well-known companies --- like iTunes, Google Play, Amazon, or Steam --- are nothing new. For example, legitimate apps like Tokenfire and Swagbucks buy card codes from vendors, to then give them to clients as a reward for certain activities. Criminals have apparently recognized the popularity of such websites and have decided to deceive users using a simple algorithm.
When on the fake site, the user is asked to select the gift card he/she wants in order to receive the code. After that, the fraudulent mechanism is set in motion. To get the generated code, however, the user needs to prove that he/she is not a robot. To do this, the user has to follow the suggested link and complete various tasks, the number and type of which are determined by the partner network to which the user is redirected. For example, he/she may be asked to fill in a form, leave a phone number or email address, subscribe to a paid SMS-message, install adware, and so on.
The result is predictable: either victims get tired of doing endless tasks, or they finally get the useless code. The earnings for criminals range from a few cents per every click on a desired link, to several dozen dollars for filling in a form or subscribing to paid services. Thus, the criminals make a profit virtually for nothing, getting paid from the user’s actions on the websites of third-party partners, who, for their part, also benefit by getting access to personal data which can be used for private purposes.
The success of these new fraud schemes is based on criminals exploiting the drive of users to get something for free. However, at best they will spend hours of personal time doing worthless tasks, and at worst - lose money without receiving anything in return. So, if you want to get your hands on a free gift card, try to earn it on legal and trustworthy sites,” said Lyubov Nikolenko, web content analyst at Kaspersky Lab.
“We have to always be alert when we are shopping on the internet. If everybody knows and follows cybersecurity rules, cybercrime would become unprofitable and Internet-criminals might change their specialty and become lawful programmers, system administrators, and designers. Yes, it sounds like a utopia, but at least we have to try,” said Siang Tiong Yeo, general manager at Kaspersky Lab Southeast Asia.
To avoid falling for cybercriminals’ fraudulent schemes and losing personal data, Kaspersky Lab researchers suggest that users follow a few simple rules.
  • Remember that there is no such thing as a free lunch and always treat offers that seem too tempting to be true with skepticism. 
  • Check the HTTPS connection and domain name when you open a webpage. This is especially important when you are using websites which contain sensitive data – such as sites for online banking, online shops, email, social media sites etc.
  • Never share your sensitive data, such as logins and passwords, bank card data etc., with a third party. Official companies will never ask for data like this via email.
  • Do not spread questionable links among your friends.
  • Check with the company if it really is giving out gift codes, and whether the site is its official partner. To do this, contact the official support service by reaching out on the official website of the company.
  • Use a reliable security solution with behavior-based anti-phishing technologies to detect and block spam and phishing attacks, such as Kaspersky Total Security, which blocks fake gift card sites.

To learn more about the mechanism of gift cards generator fraud schemes, read our blogpost on Securelist.com.

Comments

Popular posts from this blog

Dina dela Paz, Awarded as Most Influential Filipina in the World

Another Filipina awarded in the 100 MOST INFLUENTIAL FILIPINA IN THE WORLD.
Dina Dela Paz-Stalder, a skincare expert, was awarded with this prestigious recognition, specifically in the Founder and Pioneer Category (Global FWN100 Award) in Toronto, Canada on October 27, 2017, by Filipino Women’s Network. She was selected from an outstanding field of nominees from around the world.

The Global FWN100 Award™ recognizes 100 Filipino women who are changing the face of leadership in the global workplace.  It distinguishes them for their outstanding work in their respective fields, and further recognizes them for their achievement and contributions to society.  Dina Dela Paz-Stalder’s award and global recognition is another evidence of Filipino pride as she proves that Filipinos are also global leaders in terms of skincare innovations and extraordinary leadership.

Started from just a small steel pot for skincare formulations,  she now owns and leads the Stalder Group of Companies which includ…

City Garden Grand Hotel Holds 2nd GRAND Skills Competition

Today, students from the Far Eastern University, National University, Philippine Women University, Lyceum and the University of Sto. Tomas got together for City Garden Grand Hotel’s 2nd GRAND Skills Competition.


For the second time City Garden Grand Hotel hold the competition where the top 5 schools competed for the chance to be the best in the following categories: Table set up with Centerpieces, Food Art, Bartending/Cocktail Mixing, and Gourmet Student Meals.






For six hours, students took the time to set up tables with their own theme and menu, prepared gourmet meals, food art and concoct drinks. Then it was time for the judges to pick the best among the best. Judges includes Chef Miko Aspiras, Jill Meneses, Chef Dennis Peralta, Jason Hussein Ali, Jordan Tan.






Here is the list of winners for the following categories:
FOOD ART

1st Place:Far Eastern University (FEU) 2nd Place:LYCEUM 3rd Place:National University (NU)
GOURMET STUDENT MEALS
1st Place:LYCEUM 2nd Place:NU 3rd Place:University of Sto. …

POSIBLE.NET officially launched as it empowers Filipino MSMEs with greater possibilities

Thinking of a lucrative investment? Nope, this is not a get-rich-quick scheme but something you can depend on for many years to come. As we live in the digital world, we’re looking for ease and comfort while we do our daily transactions. Time is gold for everyone, and so does for our customers who want things fast and not bothersome. Introducing POSIBLE.NET, the latest aggregator of digital services that caters both to clients and those into small businesses.

Last January 24, 2018 POSIBLE.NET was officially launched at Holiday Inn and Suites, Makati City. With over 1,600 retailers nationwide to date, POSIBLE.NET targets to become the dominant community-based digital transactions network in the country and looked forward to a year full of possibilities, going with the theme “Empowering the Filipino MSMEs of Today.”


POSIBLE.NET, founded two years ago, currently offers more than 300 digital services to over a million Filipino consumers and has already generated close to P2 billion worth o…