In a large-scale cyber scam, hundreds of malicious domains have been used to lure users with promises of free Google Play and Amazon gift cards. This deceptive campaign aims to steal personal information and install harmful software on victims’ devices.
The scam, uncovered by Palo Alto cybersecurity researchers, involves over 276 domains designed to appear legitimate, such as “deal.com” and “offer.com”. These domains are part of a network controlled by cybercriminals who use them to advertise free or discounted gift cards for popular services like Google Play, Amazon, and Roblox.
Victims are enticed to click on these offers, which redirect them through a series of intermediate domains to final destinations where they are asked to complete tasks. These tasks often include signing up for services via affiliate links, downloading browser extensions, or providing personal information. The attackers use these methods to harvest sensitive data and generate revenue through affiliate marketing.
Cybersecurity experts and authorities are working to dismantle the scam’s infrastructure which has been tracked under the identifier “gift_card_scam”. Authorities are also working on identifying and taking down the malicious domains, as well as issuing public warnings to educate users about the dangers of such scams. Users are advised to be cautious of offers that seem too good to be true, avoid clicking on suspicious links, and refrain from downloading unverified extensions.
#CyTech #CyTechNewsRoom #Cybersecurity #CISO #CISOWorkplace™ #SecurityAwareness #PhishingSimulation #CIM #CSRM #Scam #GooglePlay #Amazon
Leave a Reply