Spammers are using the name of popular Australian boot maker UGG to trick thousands of people into giving away personal information on bogus retail sites, Bitdefender warns.
The antivirus provider has spotted a seasonal spam campaign luring people to fake retail websites with offers of huge discounts and attractive imagery. Hoping to refresh their e-mail address databases, spammers have crafted email subjects like “2014 Black Friday UGG Top 10 Gifts On Vault!” and “Pre-Christmas And Black Friday Special Gift: UGG Classic Boots Hot Sale and 40% off Everything.”
Once a user clicks on any link in the unrequested email, he is redirected to an authentic-looking website that appears to be selling UGG items at discounted prices. The pages include logos of payment providers and reputable security providers to simulate authenticity and gain the user`s confidence.
After clicking on an item, the user lands on a page with a different domain than the previous one. The page requires account credentials or registration details such as name, home address and telephone number. Only after entering the personal information cam the user choose a preferred payment method, add credit card details and complete the payment process. However, chances are slight that these items will ever be delivered.
The bogus e-mails are sent from servers in the US and Chile.
We advise users to keep an eye on too-good-to-be-true offers today! Some scammers go so far as to create a good-looking website from scratch and register it for a longer period to fool users into believing it`s real.
Also, before shopping online, make sure you check that the address starts with “https://” instead of “http.”
And remember that most brands that offer e-commerce do so from their own trusted websites with simple URLs, like barneys.com and macys.com.
This article is based on the spam samples provided courtesy of Ionut-Daniel Raileanu, Bitdefender Antispam Researcher.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
tags
Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs.
View all postsSeptember 06, 2024
September 02, 2024
August 13, 2024