The scam started circulating last week. Photo: Mario Quinteros
One of the new forms of fraud is using WhatsApp networks to plant bait directly, as the chances of deception grow exponentially. In this context, a malicious campaign involving Mercado Libre tries to make people believe this the company is giving away the returned products.
The deception reaches victims through a message that is often replicated, voluntarily, by an address book contact, which is common in deceptions that are distributed via WhatsApp, according to ESET Research Laboratory.
In addition to the statement that informs 10,000 sweepstakes of returned itemsa compressed link is sent that promises to direct users to the official website of MercadoLibre, the company that the cybercriminals are impersonating.
As if to make the trick believable, they use deterrents like the official logo and colors to make it look real. In addition, to build trust, it includes a questionnaire to allow the user to express their opinion about the company, accompanied by false comments from the alleged winners.
The first stage of deception. photo ESET.
Once the questionnaire is answered, the site presents the victim with another draw, a far cry from the alleged returned products. In this, the user has three possibilities to find the fake prize that, regardless of what is selected, he always receives. These are usually high-value items, such as a latest generation smartphone or cash.
To claim the reward, the victim must take a crucial action for this deception: spread among your WhatsApp contacts this alleged opportunity.
This allows the campaign to have a high reach in a short time and without the need for the cybercriminal to intervene in the distribution. It is also the reason why the initial message reaches the victim from a contact you have recorded.
After announcing the alleged reward, the victim is redirected to another site that uses attack techniques known as scarecrowas detailed by ESET, with the aim of making you believe it your device is out of date and in danger.
Furthermore, the deception recommends downloading an application in the next few minutes to try to create a sense of urgency so that the user does not hesitate to install the unknown app.
How is the new WhatsApp scam
The participant always gets a great prize. photo ESET
At this point, there is no mention of the giveaway or giveaway. This should be enough for the victim to notice something suspicious and decide not to continue interacting with the site.
However, part of the strategy in this type of fraud is to try to make the victim “forget” for a moment of the alleged reward and for this he uses questionnaires, buttons or comments that are useless.
Although the link to download the fake update has been removed, we can confirm that the domain used hosts other malicious sites that pretend to be other companies, all with a similar goal: display fraudulent advertisements, collect personal information, or even download malware.
Malicious campaigns that try to impersonate ecommerce platforms using fake sites are common. According to data from ESET telemetry systems, the e-commerce theme was the third most used for phishing sites in the last quarter of 2021 with 9.8% of them, a trend that continues to grow as well. ‘year.
SL
Source: Clarin
