Vacations, vacations, and vacations are often situations that cybercriminals take advantage of to orchestrate different scams.

They use an alibi linked to a particular date and manage to convince potential victims if they are not suspicious. downloading any malicious apps or entering sensitive data on sites that appear to be genuine but are not real.

In this case, it was detected by a scam Whats upmainly, although also in Instagram Y Facebook, When you offer to enter a contest to win Easter eggs, Where there is a link that redirects the user to a wrong page to steal information.

Sites promise access to free Easter eggs or gif cards. According to cybersecurity consultancy BTR Consulting, in each case users are asked to answer a survey, and the message states that the person sending the message via WhatsApp has already received the reward for building reputation.

The scam is not new, it has been around for about 5 years, but at this date it has not only been reactivated, but optimized to appear more reliable.

Criminals try to confuse users with real marketing campaigns of chocolate companies. using digital media to run campaigns known as Worldwide Hide (World Treasure Hunt), which encourages users to store a virtual Easter egg anywhere in the world and send a hint to someone who can look for the egg on the virtual world map.

Links started circulating around the world last week in English and Spanish using the best-known brands selling chocolate and Easter eggs.

When users open the link, they are presented with a short list of questions to answer and then prompted for data entry. Thus, they end up on a false website requesting personal information, and in some cases, the message is automatically shared with the potential victim’s contact list to make the deception go viral.

“it is clearly an attempt phishingIt is a technique that aims to store personal data, usernames and passwords of various accounts, as well as bank or financial information. Users should in no way refrain from interacting with the message, enter any data or share the message further. In some cases, the scam involves fake Facebook and Instagram pages that impersonate chocolate-producing brands, encouraging participants to sign up for a website and follow steps to ‘verify’ their rewards,” explains BTR Consulting.

You should always be careful not to rely on promotions or product offers that include links where the user is prompted to enter confidential information. and also to share the supposed benefit with other people.

The scam is very similar to the one that went viral during February for the Amazon International Women’s Day 2022 Giveaway.

Things to keep in mind, as recommended by security experts:

– Message, mail, etc. Never give personal data or user name and password, bank account number or credit card number on any link accessed via other means. Even if it comes from acquaintances and friends, you have to be careful because they too may be unwittingly copying a scam that they themselves are victims of.

– Verify on the web whether there are complaints or victims

– Do not trust messages containing rewards and/or gifts via WhatsApp

– Observe the URL of the web page, verify if it is an official site or a cloned site.