While Commtouch technology automatically blocks billions of spam and phishing messages from ever reaching customers anywhere in the world, Commtouch staff review samples of the messages to analyze the way social engineering is being used within different cultures.
In this recent attack focused on Brazil, credit card customers weren’t threatened if they didn’t take action (the traditional “access your account now or it will be suspended”). Instead, the cybercriminals tried to tempt them to participate with a more positive message.
The email below requested that recipients register to get points for purchases, making them eligible for enormous prizes not only for themselves, but for their friends or family.
Here is the email and the translated text:
To participate,simplyregisterthe cardon thesitewww.naot–o.com.br/register.
After registration, each transaction of any value, is worth one point. Points can
be exchanged for vouchers. With the voucher for the purchase of a product or service
registered in the promotion, the cardholder earns another for free.
Accumulated points are not redeemable for vouchers turned into vouchers
that compete for monthly drawings of two prepaid cards worth $ 50 thousand each,
one for the cardholder and other gifts for those he appoints.
Sign up and start enjoying the benefits right now!
Sincerely,
Promotions department MasterCard ®
Of course, the registration form requires that participants verify EVERYTHING on the card – from the name and number to the security code on the back – allowing the cybercriminals themselves to go on a shopping spree…
