The bait this time is the unexpected closure of the account and some pending messages. With the excuse of fixing the error, threat actors try to steal the credentials.
New phishing campaign via Bitcoin credit and smartphone prize. This is how the cybercrime scam works
A false confirmation of credit of 320,428.99 euros on a Bitcoin account conveys the latest phishing campaign to steal the victim’s personal data and credit card numbers. The email sent to the users in Italy, but probably also abroad in different languages, asks to open a link to confirm the transaction.
In fact, this points to a site with an announcement that user won a gift after answering three questions about Google.
Once the step is completed, the potential victim will be able to choose a latest generation smartphone.
Based on the model selected, a new ad hoc page will appear in which to enter the email address first.
Then, it will be the turn of the credit card numbers to make a payment of one euro.
Any combination digited, however, will cause a screen to appear explaining that the purchase could not be completed and the user is invited to verify their billing information.
Meanwhile, the cybercrime actors behind the scam will have stolen all the data. It is interesting, as the attached photographs confirm, that the sites change between the various passages.