Free shopping voucher offer leads to phishing

Cybercriminals have been ramping up their efforts as the year draws to a close, and have initiated hundreds – if not thousands – email spam campaigns, trying every approach possible to get users to part with their personal and financial information, or to install malware.

Symantec researchers have stumbled upon a very enticing offer – a well-known credit card company is giving out free shopping vouchers for Christmas:

In this widespread economic downturn, who wouldn’t mind a little free Christmas shopping?

But you should. Remember the golden rule of (online) scams? If it’s too good to be true, it probably is.

In this case, the link embedded in the email, which supposedly leads to a page where the recipients can “validate” their voucher, leads to a phishing page created to harvest information they will willingly share in order to get the free shopping opportunity.

Given that this scheme targets customers of a particular credit card company, it’s probable that they are asked to input their personal and credit card information.

“There are many fraudulent tricks doing the rounds this Christmas,” the researchers warn. “Be aware when dealing with every financial transaction, check for discrepancies, and be absolutely certain before you click any link mailed to you. Verify that the hyperlink embedded in the email truly belongs to the financial institution to make sure you are not being taken for a ride. Don’t forget to regularly change your password and keep them secret, strong and unpredictable.”