UGG Fans Targeted with Black Friday Phishing Campaign
Spammers are using the name of popular Australian boot maker UGG to trick thousands of people into giving away personal information on bogus retail sites, Bitdefender warns.
The antivirus provider has spotted a seasonal spam campaign luring people to fake retail websites with offers of huge discounts and attractive imagery. Hoping to refresh their e-mail address databases, spammers have crafted email subjects like “2014 Black Friday UGG Top 10 Gifts On Vault!” and “Pre-Christmas And Black Friday Special Gift: UGG Classic Boots Hot Sale and 40% off Everything.”
Once a user clicks on any link in the unrequested email, he is redirected to an authentic-looking website that appears to be selling UGG items at discounted prices. The pages include logos of payment providers and reputable security providers to simulate authenticity and gain the user`s confidence.
After clicking on an item, the user lands on a page with a different domain than the previous one. The page requires account credentials or registration details such as name, home address and telephone number. Only after entering the personal information cam the user choose a preferred payment method, add credit card details and complete the payment process. However, chances are slight that these items will ever be delivered.
The bogus e-mails are sent from servers in the US and Chile.
We advise users to keep an eye on too-good-to-be-true offers today! Some scammers go so far as to create a good-looking website from scratch and register it for a longer period to fool users into believing it`s real.
Also, before shopping online, make sure you check that the address starts with “https://” instead of “http.”
And remember that most brands that offer e-commerce do so from their own trusted websites with simple URLs, like barneys.com and macys.com.
This article is based on the spam samples provided courtesy of Ionut-Daniel Raileanu, Bitdefender Antispam Researcher.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021