ESET, a leading proactive threat detection company, identified a new scam that uses sites surfaced as Google featured snippets to direct users to a social engineering campaign (techniques used to trick a user into taking an action) that promises a Samsung S8 Plus phone for one dollar in exchange for completing a survey, with the aim of stealing the victims' credit card data.
When a user types a question into Google, the answer is usually shown in a highlighted block as the first result, so that the user can read it without having to visit the site. This block is known as a featured snippet. Featured snippets are selected automatically by an algorithm that estimates whether the answer to the user's question is likely to be found on a particular website.
In this case, ESET's Latin America Research Laboratory found that when searching Google for the term "UX", a featured snippet redirected users to malicious sites, where they were prompted to complete a survey in order to obtain a prize: in this case, a Samsung S8 Plus phone for one dollar. Several survey formats were served, with the same pages displayed on computers, smartphones and tablets, and after completing the survey the user always "won".
After completing the survey, the victim is redirected to an HTTPS site that asks for certain personal data in order to continue on the path to winning the smartphone. Another interesting fact is that 75 domains are associated with this fraudulent site's certificate, listed as Subject Alternative Names. When browsing those domains, ESET found numerous scam sites disguised as pages offering free movies, pornographic sites and other scams.
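The pivot described above, from one certificate to the other domains it covers, is a routine defensive check. The following added example (not ESET's code; the hostnames and the extension bytes are constructed here, not taken from the scam certificate) decodes the dNSName entries of a DER-encoded subjectAltName extension and counts how many distinct registrable domains share the certificate, which is the signal that made the 75-name certificate stand out:

```python
"""Decode dNSName entries from an X.509 subjectAltName extension (DER).

Added example. The SAN value is constructed in-block with build_san(); the
hostnames use the reserved .test TLD and are placeholders, not real sites.
"""
from typing import List, Set, Tuple

DNS_NAME_TAG = 0x82   # context-specific [2] = dNSName in GeneralName
SEQUENCE_TAG = 0x30


def _read_len(buf: bytes, pos: int) -> Tuple[int, int]:
    """Decode a DER length at buf[pos]; return (length, offset after it)."""
    first = buf[pos]
    if first < 0x80:                      # short form
        return first, pos + 1
    n = first & 0x7F                      # long form: n length bytes follow
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n


def _encode_len(n: int) -> bytes:
    """Encode a DER length (short or long form)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def build_san(names: List[str]) -> bytes:
    """Encode a GeneralNames SEQUENCE holding only dNSName entries (test input)."""
    items = b"".join(
        bytes([DNS_NAME_TAG]) + _encode_len(len(n)) + n.encode("ascii")
        for n in names
    )
    return bytes([SEQUENCE_TAG]) + _encode_len(len(items)) + items


def san_dns_names(ext_value: bytes) -> List[str]:
    """Return every dNSName in a DER-encoded subjectAltName extension value."""
    if not ext_value or ext_value[0] != SEQUENCE_TAG:
        raise ValueError("subjectAltName must start with a SEQUENCE")
    total, pos = _read_len(ext_value, 1)
    end = pos + total
    names: List[str] = []
    while pos < end:
        tag = ext_value[pos]
        length, pos = _read_len(ext_value, pos + 1)
        if tag == DNS_NAME_TAG:
            names.append(ext_value[pos:pos + length].decode("ascii"))
        pos += length                     # skip other GeneralName types (IP, URI, ...)
    return names


def registrable_domains(names: List[str]) -> Set[str]:
    """Collapse hostnames/wildcards to their last two labels (a simple approximation;
    a public-suffix list would be needed for names like example.co.uk)."""
    out = set()
    for n in names:
        labels = n.lstrip("*.").lower().split(".")
        out.add(".".join(labels[-2:]))
    return out


def suspicious_san(names: List[str], threshold: int = 10) -> bool:
    """Flag a certificate whose SAN list spans many unrelated registrable domains."""
    return len(registrable_domains(names)) >= threshold


# Constructed sample: a few unrelated "prize" and "free movies" hostnames on one cert.
SAMPLE_NAMES = [
    "survey-prize-example.test",
    "www.survey-prize-example.test",
    "free-movies-example.test",
    "*.free-movies-example.test",
    "win-phone-example.test",
]

if __name__ == "__main__":
    der = build_san(SAMPLE_NAMES)
    for name in san_dns_names(der):
        print(name)
    print("registrable domains:", sorted(registrable_domains(SAMPLE_NAMES)))
```

On a real certificate the same list can be printed with `openssl x509 -in cert.pem -noout -ext subjectAltName` and fed to `registrable_domains`; a legitimate site's certificate normally covers one organisation's names, so a long list of unrelated second-level domains is worth a closer look.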
It is also noteworthy that the domain was registered in the last days of April and the scam had made its way into Google's featured snippets by early May, which highlights how quickly these scams appear and disappear from the radar.
After collecting the personal data, the scam concludes with the fictitious purchase of the smartphone for one dollar. In this final step, the attacker requests the victim's credit card details.