SYDNEY/AUCKLAND – November 29, 2012 – What possible lure can be so appealing that it makes users forget all the advice they’ve been receiving from the security community for years and innocently open spam messages exposing themselves to all kinds of on-line threats? As it turns out, different scams target different nationalities lately.
While Brits seem happy with enough money for a downtown London apartment down payment, Spaniards seem to be wooed by the promise of further education amid rampant unemployment and Americans still covet a free iPhone. Germans find themselves tempted by a life altering sum of cash, whereas, Australians are offered with pharmaceutical positions and educational courses.
After scanning through spam and scams of recent months, here are some we found targeting specific nationalities:
In the UK, scammers announce computer users in UK that they have just won £100,000.00. GBP (One hundred Thousand Great British Pounds Sterling’s) from the Coca Cola 125th Anniversary Award for which Brits have to send a scan copy of an identification document.
Barclays, PayPal, and HSBC customers may get tricked with an old-school scam, namely “Check your account”.
Brits were also bombarded these past months with apparently official notifications telling them of some “irregular” activity performed on their Internet banking account. Then there’s a customized British Microsoft and Facebook award that hints at a free Microsoft Windows 8 license to make the user open the attachment.
Australians are tempted with job offers or qualification courses for pharmacy assistant positions. One spam wave offers to employ Australians to “receive items [small packages as parcels] from companies and stores as well as payments from [their] debtors in and outside the country on [their] behalf”. Considering the current work environment, chances are people in-between jobs and inexperienced young graduates fall for this trick. Enthusiasm can lead them right into the middle of a money muling – type scam where people are recruited to move stolen money and goods from one location to another, from one person to another until no-one can trace back to the identity of the cyber-crook or the original victim.
On the same note, Australians are also offered “pharmacy assistant education classes and healthcare assistant degrees.”
Other scammers poke around Australian cyber-space for “small retailers that look for stores in which to place their products”. Scammers ask the small retailers for confirmation that he ships products all over Australia and further demands details about “terms of payment” and ask receivers if they work with “visa or master card”.
In New Zealand, users may fall for the “ATM MASTER CARD delivery” trick. Users receive a form which they are asked to fill in with identification data and choose the courier company they’d like to handle the delivery of their card. In return for a small fee, they are granted the card delivery in a 48-hour time interval.
Germans were lured by the illusion of having just won a life-changing amount of money in the lottery. In order to pick up the EU915.810 prize, they are asked to open a PDF file and fill in their identification data. Other scams imitate online booking notifications from hotel.de and ask Germans to open an archived malicious attachment to confirm an alleged hotel reservation to a luxurious spa centre in Germany. PayPal notifications written in German invite users to type in identification information and send it to scammers.
Poste Italiane clients continue to be hit up for critical data, while people in US are lured with vacations in Costa Rica and California, comfortable office furniture, luxury cares, and free Windows 8 licenses that prove to be stolen or altogether bogus keys or IPhone5 handsets at hard-to-say-no costs. There’s also an old Brooklyn vintage lantern with new led technology out there that shines up to 100,000 hours.
With such targeted and diverse lures, it’s hard to imagine this kind of threat will fade away any time soon. There will always be someone who believes luck comes to those who wish for it, who inattentively type in their critical data into a phishing form, who innocently make money deposits for those in need.
###