Scammers send emails by passing themselves through a manufacturer or a merchant site, and make their victim believe that they have made a significant purchase. All this so that the users call the hackers and provide them with their personal details.
The Kaspersky antivirus editor is sounding the alarm: a new phishing scam attempt, or more precisely to vishing (voice phishing), has just been spotted. This method may not be new, but the offenders who use it today are redoubling their imaginations to ensure that their victims fall through the cracks.
Thus, a wave of spam linked to famous hardware manufacturers, software publishers and trading platforms has been sweeping the Web for a few weeks. Scammers impersonate businesses and trick users into believing they’ve made a purchase. As shown in the screenshot below, this could concern an Apple Watch series 6, an Acer Predator PC over 1000 euros, or any other relatively large purchase. Something to worry about the victim, who will then call the phone number indicated in the e-mail she received … And thus communicate his personal details to hackers or install malware on his PC.
If you call this number, a hacker will ask for your personal information
The e-mail can come from a manufacturer or a publisher, but also from a merchant platform like Amazon or an online payment site like PayPal. It may concern the purchase of hardware, software or even a cryptocurrency. In short, pirates know how to vary the pleasures. These spam emails do not contain any links, but they do include a phone number that the victim is invited to call if they want to change or cancel the order.
Read also: phishing in the package, a new scam asks to pay reprogramming costs, caution
If the victim calls, on the other end of the line, they will unknowingly stumble upon a con artist. This will then try to get connection identifiers dedicated to financial services or linked to their bank card, explains Roman Dedenok, security expert at Kaspersky. Offenders can also trick their victims into transferring money directly to them (without even asking for their personal information, then). They can also encourage them to install a Trojan horse on their computer.
In short, the effects of this new wave of spam can be devastating. Do not fall into the trap. If you receive an e-mail concerning a purchase that you have not made, and if this message contains all and all only a simple phone number, do not call the number in question. This is most definitely a scam. If it is a merchant site that you have had to deal with before, simply log into your customer account and view your recent orders. If you can’t find the purchase in question there, it is a scam attempt.
Source: Kaspersky