Fraudulent websites redirect to other scams or to download legal browsers so that scammers can collect money
They circulate messages with links that congratulate the user for being “one of the winners” and they promise prizes like a “tiny house”, cupon purchase or 60 GB of data, for which you have asked the Maldita.es WhatsApp chatbot (+34 644 229 319). Careful because They are fraudulent pages what others hide scams
These sites act as “advertising campaigns”. phishing“, according to Liany Mendoza, computer expert and member of Migravoicein statements to damn.es. The strategy consists of attract people with attractive offers so that they click on different links.
Two of the fraudulent pages to which the links redirect (free3259[.]pow2[.]xyz and tuipk[.]buzz) offer assumptions data “for all networks”. First request a phone number to check if the person is “eligible” and then force Share the link with five groups or 12 WhatsApp contacts to obtain the supposed reward. After these steps, buttons appear that lead to different scams.
One of these links leads to a website that impersonates The World and collects false statements from Lorena Castell promoting the investment platform Nerdynator V2. This website asks personal data and is not authorized by the National Securities Market Commission (CNMV) to offer investment services. The false article uses images of Castell during a interview in The Resistance in February 2023 in which it does not promote any platform.
Other buttons redirect to pages where a reward is promised when touching a chest and from there to a channel Telegram online game that asks 150 euros to enter.
They also lead to external sites where the browser download legitimate as EITHERpear GX, Opera One or AVG Secure Browser.
Raul Cosanoa cybersecurity expert, assures that “these cases are very common. They are a very well thought-out money-making machine.” Explain that The prizes act as bait to sneak various scams and get the victim to download a legal browser with which Scammers charge a commission. “Opera or any other company pays them, for example, one euro for each new user they bring. If they deceive 1,000 people, they already have 1,000 euros. “Easy, fast and using a totally legitimate program,” he points out. Added to this is the collection of personal data, which are then sold to “others” scammers that they will send you fraudulent SMS or make calls to deceive you with another scam.”
The specialist explains that They buy “cheap and anonymous” domains to create thousands of subdomains that can be “used and thrown away every day”. Also highlights the role of code that is hidden on these websites. One part allows track each user individually, generate a digital identification, know how long you stay on the page or what links you click. Although this code is not malicious in itself, its purpose is to “track to commit the fraud”.
Other code, uploaded from an external website, yes it is malicious and is responsible for making automatic decisions: collect device data, record visits and decide which scam to redirect the user to. According to Cosano, first detects the browser and directs it to download Opera GX or Opera One to obtain the commission, and then may lead to further deceptions or display unwanted advertising.
To avoid falling into these practices, Cosano and Santiago Casteleiroan expert in computer hacking techniques, recommend using common sense: “if no payment has to be made, you are the payment,” he warns. Cosano. Also They advise not clicking on suspicious links, be wary of unsolicited downloads, download browsers only from official pages, Always check the URL and report the links if they arrive through WhatsApp.
