Phishers and other cybercriminals in the Middle East have begun monetizing their scams by requesting small sums of money in the guise of offering various services, most often related to post and delivery, instead of stealing large sums in one go.
Phishers are social engineers that create fake web pages to scam users.
They often pretend to be legitimate services, exploiting their solid reputation and intellectual property (logotypes, copies of the landing pages), yet in fact, have nothing to do with the actual company. In the particular scheme detected by Kaspersky, the scammers were found requesting users’ banking card details and then charging $2-$3 when confirming the delivery. As a result, fraudsters were ending up receiving money, bank card information, and personal details that could be used in further scams.
Experts have offered the following advice to stay safe from spam and phishing:
– If you receive a link to a great offer via email, make sure to check the embedded hyperlink – sometimes it may differ from the visible one. If it does, access the deal page directly through the legitimate website
– Only make purchases through official marketplaces and pay attention to the web addresses if you are redirected to them from other landing pages. If they differ from the official retailer, consider checking the offer you were redirected to by looking for it on the official web page
– Use a security solution with behavior-based anti-phishing technologies, which will notify you if you are trying to visit a phishing web page
– Never use the same password for several websites or services, because if one is stolen, all your accounts will be made vulnerable.