Don’t get carried away on Black Friday – scams on Amazon consoles and gift cards

Black Friday is one of the most profitable days of the year for the e-commerce industry. According to Adobe Analytics, consumer spending on this date last year was $9.03 billion1 and is expected to be even higher in 2021. Given the popularity of this period and the money involved, cybercriminals will not miss the opportunity to increase their activity and make further profits.

One of the ways hackers have used this year, as noted by analysts at Fortinet’s FortiGuard Labs, is by using Amazon’s fake gift card generator. By doing so, they are able to rob their victims of cryptocurrencies or data, including access credentials for e-commerce sites, credit card numbers or home addresses.

Nothing is more expensive than freebies

Legitimate gift cards are often used for purchases on Amazon. Analysts from FortiGuard Labs recently detected a malicious file called Amazon Gift Tool.exe. It was found in a zip file posted on a publicly accessible file repository page. It is unclear exactly how this tool was introduced to potential victims, but the criminals most likely advertised it as a free Amazon gift card generator.

Of course, the tool that provides free gift cards does not exist. However, the hope of getting something for free may be stronger than common sense for many people. In this case, after the victim runs the fake card generator, it extracts and runs the malicious winlogin file.exe that monitors the victim’s clipboard. The purpose of this software is simple. If a victim attempts to add money to their bitcoin wallet by copying and pasting its address, the malware overwrites the victim’s wallet address on the clipboard with its own, resulting in money potentially going to the attacker.

Scam “on the console”

Another scam that FortiGuard Labs analysts have recently observed is related to game consoles. With the ongoing global chip shortage, customers are still struggling to get their hands on next-generation consoles like the PlayStation 5 and Xbox X and S series, which debuted late last year.

Researchers at FortiGuard Labs recently identified a series of malicious PDFs online with titles such as “how_much_do_xbox_s_cost_on_Black_Friday” and „Walmart_black_Friday_ps5_pickup”.

The first page of every PDF uses a CAPTCHA code to prove that the user is human. The Continue button on the same page does not work as expected because the user is redirected to the website as soon as the CAPTCHA checkbox is clicked. According to information from FortiGuard’s managed Web Filtering database, it has been used for phishing. As a result, the victim may be persuaded to provide confidential information in the future, such as. credentials for online shopping sites, credit card numbers or home address.

Recommended actions and precautions

Since criminals use social engineering to trick their victims, it is important to address these challenges early. The most effective tool in the fight against spam, malicious links and e-mail attachments is a secure e-mail gateway with advanced mechanisms for detecting and responding to malicious messages.

A large educational role rests with companies, which are encouraged to provide training to staff on the latest phishing techniques. Employees should especially be sensitized to never open attachments from people they don’t know and always treat emails from unrecognized or untrusted senders with caution. Improvised tests on how to recognize emails containing malicious attachments or links are also helpful.