2 min read

UGG Fans Targeted with Black Friday Phishing Campaign

Alexandra GHEORGHE

November 28, 2014

UGG Fans Targeted with Black Friday Phishing Campaign

Spammers are using the name of popular Australian boot maker UGG to trick thousands of people into giving away personal information on bogus retail sites, Bitdefender warns.

The antivirus provider has spotted a seasonal spam campaign luring people to fake retail websites with offers of huge discounts and attractive imagery. Hoping to refresh their e-mail address databases, spammers have crafted email subjects like “2014 Black Friday UGG Top 10 Gifts On Vault!” and “Pre-Christmas And Black Friday Special Gift: UGG Classic Boots Hot Sale and 40% off Everything.”

ugg

Once a user clicks on any link in the unrequested email, he is redirected to an authentic-looking website that appears to be selling UGG items at discounted prices. The pages include logos of payment providers and reputable security providers to simulate authenticity and gain the user`s confidence.

ugg2

After clicking on an item, the user lands on a page with a different domain than the previous one. The page requires account credentials or registration details such as name, home address and telephone number. Only after entering the personal information cam the user choose a preferred payment method, add credit card details and complete the payment process. However, chances are slight that these items will ever be delivered.

The bogus e-mails are sent from servers in the US and Chile.

We advise users to keep an eye on too-good-to-be-true offers today! Some scammers go so far as to create a good-looking website from scratch and register it for a longer period to fool users into believing it`s real.

Also, before shopping online, make sure you check that the address starts with “https://” instead of “http.”

And remember that most brands that offer e-commerce do so from their own trusted websites with simple URLs, like barneys.com and macys.com.

This article is based on the spam samples provided courtesy of Ionut-Daniel Raileanu, Bitdefender Antispam Researcher.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read