Since the beginning of the pandemic, the number of online scams has exploded in Argentina, with four times more reports than before. Cyber-delinquents show a lot of inventiveness and know how to stick to the news.
From our correspondent in Buenos Aires,
Virtual scams are on the rise in Argentina, and cyber-delinquents are not lacking in imagination. Few months ago, popular scam was related to vaccination. Offenders were extracting personal information by posing as members of the Ministry of Health. In recent weeks, it’s the Easter holiday and its traditional chocolate eggs that are used by scammers to fool their victims.
The technique, which consists of dangling free chocolates to extort personal information, is not new: it is what is called a seasonal scam, which returns every year in April. But year after year, hackers refine and perfect their methods, and in recent weeks, according to Argentinian cybersecurity consultancy BTR Consulting, a particularly elaborate version of this scam has been circulating on social networks.
A virtual and fraudulent treasure hunt
All the finesse of this scam consists in imitating the marketing campaigns of the major chocolate brands. It consists of hiding an object, or rather an Easter egg in this case, on an online world map and inviting his friends to look for this treasure by giving him clues about its location. With the possibility of winning very real Easter eggs.
To participate, you usually have to enter personal data. This is where cybercriminals come in. They send via WhatsApp, Instagram or Facebook invitations to participate in this kind of competition, imitating the visual identity of the campaigns of the major chocolate brands. But when the victim clicks on the link, they are redirected to a fake website, which asks for personal information in order to continue. Reassured by the logo of chocolate makers, users are not suspicious, and fill in their name, their identity card or telephone number, their address, or their banking information.
chocolate phishing
Data that then ends up in the hands of scammers. Once they have recovered this information through this phishing technique, or phishing, offenders can impersonate their victims, either by hacking into their WhatsApp account to try to extract money from their contacts from the person, or in some cases, by using this data to open a bank account for example.
The BTR Consulting firm points out that similar scams exist all over the world. Precautions to take: above all, never enter personal information on sites where you ended up after clicking on a link you received by email or via the messaging system of a social network.
► Read also: Donation scams for Ukraine are on the rise