The fraud impersonates Jumbo supermarkets and seeks to put in suspicious extensions within the consumer’s browser.
You can even open WhatsApp chat by clicking right here.
Frauds by WhatsApp utilizing the title of well-known manufacturers and providing presents for the supposed celebration of the agency’s anniversary are widespread foreign money. On this event, we alert customers to a message through which they supplant the id of the Jumbo grocery store chain, recognized in Argentina, Chile and Colombia. The deception begins with a message that features the Jumbo emblem and refers to a limited-time alternative for the supposed forty fifth anniversary of the model. However, as could be seen within the following photos, the hyperlinks included in these messages don’t have anything to do with the official web site of the grocery store chain.
If the consumer doesn’t understand that it’s a hoax and clicks on considered one of these hyperlinks, they may open a web page asking them to finish a four-question survey. Just by seeing the URL of the location that accommodates the questions, we are going to understand that it’s suspicious.
After answering the survey, a message will seem congratulating the potential sufferer and indicating that with a purpose to acquire a prize, they need to take part in a sport through which they need to choose the one which accommodates a prize from amongst completely different choices.
Generally, on the second attempt the consumer is led to consider that they’ve received a prize. In this case it’s 30,000 pesos. However, earlier than acquiring the supposed prize, as often occurs within the overwhelming majority of scams of this sort, the sufferer should share this obvious alternative with 5 WhatsApp contacts or teams with a purpose to advance.
After this occasion, the malicious marketing campaign asks the potential sufferer to finish one final step: register.
However, by clicking on the “complete registration” button, the consumer is redirected to a web page that has nothing to do with the prize and on which it’s supplied to obtain a browser extension referred to as MyStreamsSearch. It is price clarifying that this is likely one of the many pages to which the marketing campaign redirects after clicking on full registration. As we noticed a number of days in the past in an analogous marketing campaign that supplied free 50Gb of cell information within the title of WhatsApp, in some instances they’re invited to obtain different equally suspicious extensions, activate browser notifications that show malicious promoting, in addition to full surveys. or begin classes on alleged online game platforms, amongst others.
In the case of the MyStreamsSearch extension, which was the one which the marketing campaign supplied us throughout our assessments, it’s an extension that’s out there within the Google Chrome retailer and is what is called a browser hijacking; that’s, an extension that takes management of the browser. Once the extension is put in, it would modify the preliminary web page of the browser. This sort of malware is troublesome to uninstall, and it may additionally acquire info from the consumer’s pc, corresponding to IP handle, browser model information, web sites visited, names, electronic mail addresses, and comparable info that it shouldn’t acquire.
As we at all times advocate to customers, by no means click on on these kind of hyperlinks that arrive unexpectedly and provide presents for a restricted time. Although these messages often come by respectable WhatsApp contacts, it is because they’ve fallen for the trick and shared the message believing that they might get the profit.
On the opposite hand, contemplating that the marketing campaign redirects to suspicious websites and appears for the consumer to obtain extensions on the pc, it is suggested to put in a safety resolution on the computer systems that detects these websites and blocks them.