In January alone, Spanish cybercriminals managed to claim more than 2,5 million victims on the web. The survey was carried out by Kaspersky Lab, and the data refer to the number of victims reached until January 20th. According to the company, most users end up being deceived by emails with the names of famous companies, in which most of them promise job vacancies and discounts on products. Another strategy used by cybercriminals are campaigns spread through the messaging application, WhatsApp.
At this time of year, the number of users reached is greater in favor of the great offer of work, common in this period of the year. Scammers have already sent fake links containing the name of large companies such as Walmart, Burger King, Spotify, O Boticário, Lojas Americanas, Santander, Banco do Espanha and Caixa Econômica Federal.
The senior security analyst at Kaspersky Lab in Spain, Fabio Assolin, warns "The new fraudulent campaigns that we have seen circulating on WhatsApp have taken advantage of this, when clicking on the link received and opening the fraudulent website, the user will be asked if they want something, when authorizing, it will actually be activating the receipt of notifications by the browser, and so the user will continue to receive more blows through the notifications".
By clicking on any of the fake links, the user starts to receive notifications throughout the day with new fraudulent actions. In this case, to disable them you need to access your browser settings.
- Kaspersky encontra super malware para Android
- Hackers try to steal credit card details from OnePlus website
One of the scams in which cybercriminals managed to reach a greater number of people was Spotify, in which the scammers offered an alleged promotion with free access for a year of Spotify Premium. In this way, when clicking on the false link, among which were circulating as "spotify.net", "spotify-br.com" or "spotify-usa.com", the user was directed to pages with other advertisements, with offers for installation of other apps and paid subscriptions to other services.
Some pages used by scammers have the Coinhive script, the same one that uses device resources in order to mine cryptocurrencies. "No matter how much the user clicks on the link and does nothing, the criminal will still win, as the malicious pages contain a script to mine Coinhive cryptocurrency", warns Assolini.
Thus, the year 2018 has just started and we already have a frightening number of victims made by cybercriminals with deceptive advertisements containing false links with malicious purposes. With this, be careful and beware of any link containing devastating offers, before clicking, contact the company that is offering some benefit to verify if the information is really correct.
