Skip to main content

A new WhatsApp Scam : Amazon's 30th anniversary celebration free gifts!

Awareness is necessity

One of my friend sent a message yesterday asking me to take a survey to claim free gifts as part of Amazon’s 30th Anniversary celebration.

Did you receive this kind of message ?

If yes then beware !!!
It’s a new whatsapp scam. "


Letme inform you first that according to WIKIPEDIA Jeff Bezos founded Amazon in July 1994. Now count the years . It's only 26 years. And here in the title they mentioned a 30th anniversary celebration.

There are several ways to identify the link whether it is original or fake.

When users click on the message, a new window opens saying “Congratulations, you have been chosen to participate in our survey”. Users are asked to answer four questions. After the user submits the answers , Bunch of gift boxes appears on the screen asking user to make a selection. In most cases it is the Huawei Mate 40 pro .

I marked red squares on screenshots , when you try to click on that button or sign-in label , they are unclickable. This is a sign of a phishing/fake page. Then this website asks users to share the quiz with “5 whatsapp groups” and “20 friends”.

Never Do this

You are becoming a part of such a scam unintentionally and spreading it to more people. Providing some personal information on such websites can be dangerous .

When you click on complete registration button, it will redirect you to fake links. Keep in mind while visiting such fake websites that it will redirect you on malicious links and pop-ups and then when we download, its something else. It maybe any worm or any encrypted malware. Some bad people can use such links to spread/install malware in your device.

You can see page redirection fake links in below images.


So the motive behind this article is to spread awareness about this kind of WhatsApp scam. As cybercriminals are becoming very smart day by day, they are using new ideas to make people fool and gather informations.

Labels:

Comments

Post a Comment

Please do not enter any spam link here.

Popular posts from this blog

Email Security Deep Dive: 13 Steps to Keep Your Emails Safe

Email Security Checklist The Email Security Checklist 1. Enable SPF (Sender Policy Framework) What it is: SPF is like a guest list for your email domain. It tells the world that only specific servers are allowed to send email for your domain. How it works: Publish an SPF record in DNS. When someone receives an email claiming to be from your domain, their mail server checks if the sending IP is listed in the SPF record. If the IP is not listed, the email is rejected or marked as spam. Example SPF record: v=spf1 ip4:203.0.113.0/24 include:_spf.google.com -all Only servers in the specified IP range and Google’s mail servers can send emails for this domain. Others are rejected. Points to Note: Prevents attackers from spoofing your domain and sending phishing or spam emails. 2. Enable DKIM (DomainKeys Identified Mail) What it is: DKIM is a digital signature for each email, ensuring that the message hasn’t been tampered with. Ho...
Post a Comment
Read more

ઑનલાઇન બેંકિંગ છેતરપિંડી વિશે સાયબર સુરક્ષા ટીપ્સ

Awareness is necessity આજકાલ, ઓનલાઈન બેંકિંગ frauds દિવસેને દિવસે વધી રહી છે. ઈન્ટરનેટ ઉપયોગ, ઈન્ટરનેટ સુરક્ષા અને સાયબર ક્રાઈમ અંગે જાગૃતિ ક્રાઈમ ઘટાડવામાં મદદરૂપ થઈ શકે છે. તેથી અહીં કેટલીક Security guidelines પ્રદાન કરવામાં આવી છે જે તમારે બેંક ટ્રાન્ઝેક્શન દરમિયાન અનુસરવી જોઈએ. સેફ બેંક ટ્રાન્ઝેક્શન ટિપ્સ: SMS દ્વારા અથવા ઈમેઈલ દ્વારા મોકલવામાં આવેલ ATM PIN કોડ અને OTP "વન ટાઈમ પાસવર્ડ" કોઈપણ સાથે ક્યારેય જાહેર કરશો નહીં, પછી ભલે તે બેંકમાં કર્મચારી હોય, કારણ કે બેંક તમને તમારા ખાતા અથવા ક્રેડિટ કાર્ડના કોડ વિશે ક્યારેય પૂછતી નથી. બેંકિંગ વ્યવહારો કરવા માટે પબ્લિક કોમ્પ્યુટરનો ઉપયોગ કરવાનું ટાળો. જો તમે Public Wi-Fi દ્વારા ઈન્ટરનેટ સાથે જોડાયેલા હોવ તો ઈલેક્ટ્રોનિક બેંકિંગ વ્યવહારો કરવાનું ટાળો. વોટ્સએપ, ફેસબુક, ટેલિગ્રામ વગેરે પર, ઈમેઈલ, ચેટ્સ અથવા મેસેજમાં આપેલી કોઈપણ લિંક દ્વારા ખોલતી બેંકિંગ વેબસાઈટ પર બેંકની વિગતો અથવા ઓળખપત્ર ક્યારેય દાખલ કરશો નહીં. હંમેશા personal computer અને latest ઓપરેટિંગ સિસ્ટમ સાથે સ્થાપિત મોબાઇલ ઉપકરણો પર બેંકિંગ વ્યવહાર...
Post a Comment
Read more

PRIZE SCAM: If you have to pay to get the prize, it's not a prize

Awareness is necessity Have you ever got any calls stating that you have won a prize or lottery from any online shopping website? The chances are these calls are fraud As a Cyber volunteer, I have analyzed some case studies of these kinds of frauds. Let’s understand how this type of fraud happens !! The fraudster calls you imposing as an employee from any trusted online shopping site. They try to convince you by giving you the details about your last purchase from the site, with the product and order details. When a person believes that the fraudster is an employee from the online site, they give them attractive schemes about different prizes like laptop, T.V, mobile phones and give an option to select one prize from them.When you show some interest and select a prize from the mentioned prize, they send us a link as SMS. The link sent is the fraud link which asks for our registration details like bank details as well as personal information. While regis...
Post a Comment
Read more

Exploiting and Securing GitLab: Lessons from a TryHackMe Lab

Perimeter security isn’t enough—because sometimes the threat is already inside. In this blog post, I’m sharing what I learned from a hands-on TryHackMe lab on GitLab security . It revealed how a simple internal misconfiguration—like open registration or overly permissive repo access—can lead to major data exposure inside an organization. I’ll walk you through the red team perspective on exploiting a misconfigured GitLab instance , and then flip the script to explain how you can secure your own internal build systems . Scenario: Inside the Walls of a Large Organization Think of a large organization—like a bank—with thousands of employees and multiple teams handling development, IT operations, and security. To keep intellectual property (IP) secure, these organizations often host self-managed GitLab instances on their internal network. But here’s where things can go wrong: GitLab is hosted internally Allows anyone on the internal network to register Has some projects...
Post a Comment
Read more

How to Protect ourselves from Online Banking frauds: Tips & Ticks

Awareness is necessity Nowadays, Online banking frauds are increasing day by day, and awareness about Internet use, Internet Security and cyber crime can be helpful in mitigating cyber crime. So here I am sharing some security guidelines you should follow during bank transactions as given by Delhi Police. Safe Bank Transaction Tips: Always do banking transactions on self-computer and mobile devices, installed with original operating system. Use the latest Antivirus software in order to detect and stay protected from most of the threats and vulnerabilities in the applications installed on computers. Never disclose ATM PIN codes and OTP “One Time Password” sent by the bank through SMS or on Email with anyone, even if he is an employee at the bank, as bank never ask you about the codes of your account or any credit card details. Avoid using public computers for making banking transactions. Avoid electronic banking transactions if you are connected to the Internet via...
Post a Comment
Read more

Deep Dive into Cybersecurity: Security+ Level Knowledge Without the Certificate

📚 My Cybersecurity Learning Journey Key Topics from a 17-Hour Security+ Course 🔹 CIA Triad Explained Confidentiality: Ensuring that sensitive data is only accessed by authorized users. This is often achieved using encryption and access controls. Integrity: Ensuring data is accurate and untampered. Techniques like hashing, checksums, and digital signatures help validate that data hasn't been altered. Availability: Making sure systems and data are accessible when needed. Achieved through backups, redundancy, load balancing, and fault-tolerant design. 🔹 Types of Threats Malware: Includes viruses, ransomware, worms, and trojans that compromise devices or networks. Social Engineering: Manipulating users into giving up confidential info. Example: Phishing emails. Insider Threats: Employees or contractors misusing access, accidentally or intentionally. Advanced Persistent Threats (APTs): Long-term targeted attacks, often by well-funded threat actors. Zero...
Post a Comment
Read more