Researchers from Akamai ring the bell of warning to those who are searching for the ideal vacation spot, as new scam campaigns that target several hotspots have grown in number since May. The security researchers have spotted a new phishing attack campaign which targets victims who are looking to buy tickets to amusement parks all around the globe. The particular campaign uses a phishing toolkit that we’ve seen before, back on December 2018, and which involves “feel-good” tactics and online quiz prizes that the victims supposedly won. The new campaign includes 30 phishing websites that mimic 17 amusement park brands that are located in the US, Europe, Asia, and Australia.
Unfortunately, according to Akamai’s stats, these campaigns have been very successful so far, counting up to 25 victims per hour, or an average of 500 victims per day. During the first two weeks of June, when most people sit on the PC to arrange their summer vacation, the scammers ramped up their efforts. What they did was to serve their victims with localized amusement park brands instead of randomizing the prizes. For example, someone from Spain would win tickets to a Spanish park based on the associated geolocation info.
What happens if the same person is planning a vacation to the UK instead? Phishing actors are employing advanced tracking tools, so they know where their victims are planning to go and still manage to serve them targeted prizes. So, if you are planning to visit another place in the world and you just won some tickets to an area of interest there, it wasn’t amazing luck of the draw that just happened to fall into your lap. It is a clear indication that you are getting tracked by phishing scammers and targeted with fake prizes. The level of success of these campaigns showcases how easily people are convinced by the legit-looking, well-crafted phishing websites that are used by the scammers.
To stay safe against these campaigns, always pay attention to the URL you are landing at, never fill out forms asking for personal information, and set your browser to handle the website trackers with greater strictness. The latest Firefox offers this kind of functionality, while the Brave browser also allows the complete blocking of all trackers. If you don’t prefer that, you can use Mozilla’s latest cool tool called “Track This”, and which opens 100 tabs that will confuse all running trackers.
Have you received a claim for a targeted prize? Share the details with us in the comments down below, or on our socials, on Facebook and Twitter.