A new phishing campaign pushes fake websites promoting the popular Flipper Zero cybersecurity tool as a lure to catch members of the security community.
The rogue websites replicate the legitimate version almost perfectly, which could confuse potential victims and increase the odds of a successful attack.
Flipper Zero is a popular device in the cybersec community. The pocket-sized tool mimics a beloved children’s toy but harbors powerful capabilities, ranging from RFID key cloning to sub-GHz, infrared and Bluetooth communication.
Since its remarkably successful launch on Kickstarter in 2020, Flipper Zero has drawn much hype, with many users demonstrating its capabilities on social media. Still, production issues have led to supply shortages.
Perpetrators are launching aggressive phishing campaigns to exploit the supply shortage and the hype surrounding the product.
Security analyst Dominic Alvieri spotted three distinct rogue Twitter accounts impersonating the official Flipper Zero account. One account even appeared to be using the same handle as the official Flipper Zero. However, upon closer examination, the researcher discovered that the fake account’s handle used a capital “I” instead of an “l.”
To increase its apparent legitimacy, the fake Twitter account even engaged with other Tweets and responded to users’ queries regarding the product’s availability. The accounts point to various fake shops pretending to sell the device, a protective case, and a Wi-Fi module at the same price as the official store.
Attempting to buy the product leads website visitors to a checkout page where they must hand over personal information, including their full names, email addresses and shipping addresses. Victims are then asked to choose between Bitcoin (BTC) and Ethereum (ETH) payment methods.
To prevent phishing, users should be wary of suspicious promotions and only buy the product from verified sources, including the official store and trusted third-party suppliers.
Dedicated software like Bitdefender Ultimate Security can keep you safe from phishing attempts and other cyberthreats with its extensive range of features, which includes:
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024