It's that time of the year again. Scammers out and about, sending fake emails to sell counterfeit products. and getting malicious ad clicks If you haven't read last year blog where I go over counterfeit campaigns into details and how to protect yourself from them, I recommend giving it a read. Also, David Bisson wrote a blog of the latest details of these type of campaign. Please check it out as well.
Let's take a look at a few samples that we intercepted in the last few days.
Fake Ugg Black Friday Sales
This campaign is identical to last year, selling counterfeit that looks like Ugg. I highly discourage buying from these fraudulent sites. They will steal your credit card information and you will not receive the products. No ugly boots, just an ugly situation.
Malicious Black Friday Catalog
This campaign is different than last year. This scam is called ad hijacking. Ad hijacking is the practice of an actor in an email or website using automated means to inject adware or malware into the user's browser and corrupt the user's page or website. These ads may use or impersonate legitimate ads on the website. In some cases, such as this one, they may use a common Web name of a brand or a product, site name, ad network name or third-party URL to direct users to another site and not the expected landing page. Below is the landing page from the email. All the links on this page would take you to never ending journey of ads and never to the actual Black Friday sales.
Always avoid clicking on links in emails if possible. I highly recommend going to the official website check for Black Friday and Cyber Monday sales. I hope this give some insight for the holidays shopping.
If you are an AppRiver customer, forward any suspicious emails to firstname.lastname@example.org and our 24/7 trained cybersecurity specialists will review the email for you.
If you're not an AppRiver customer, contact us for a free trial of our Advanced Email Security