Adidas fans hit by phishing scam

Why users always fall for the lamest phishing scams is beyond comprehension, but hackers take advantage of this weakness and hide their scheming behind the usual fake prizes and too-good-to-be-true giveaways. This time, it was Adidas’ turn to feature in a major phishing scam that targeted users in specific regions.

A fake Adidas campaign promising free shoes instantly became popular through WhatsApp, and it’s not even the first time such a phishing scheme was used this year. To celebrate its 69th anniversary, the sports company was allegedly giving away 2,500 pairs of shoes to users who filled out a four-question survey.

All they had to do was click on a link to claim the prize and share it on WhatsApp with their contacts. The redirections were based on the IP address and targeted mobile devices in Norway, Sweden, Pakistan, Nigeria, Kenya, Macau, United States, Netherlands, Belgium and India.

No matter how many times users tried to share the campaign, they had no way to confirm that the share actually went through. It was just part of the scam. The very detail that they couldn’t choose color or size should have been a hint that it wasn’t a legitimate campaign – either that or the misspelled company name in the spoofed link.

Users were promised free sneakers in exchange for $1 to claim them, but all they were left with was a recurring $50-per-month subscription fee. Through the scam, hackers got access to users’ payments and contact details. The subscription users are automatically signed up for the “organizejobs” service, which has been identified as a scam.



*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Luana Pascu. Read the original post at: https://hotforsecurity.bitdefender.com/blog/adidas-fans-hit-by-phishing-scam-20046.html