Fake 'Google sweepstakes' scam targets SA

2015-08-26 09:24 - Duncan Alfreds
Post a comment 5

Cyber crooks typically use brands like Google to conduct their activities. (Duncan Alfreds, Fin24)


Cape Town - Cyber crooks are engaged in a scam targeting South Africans that seeks to extract user information.

The phishing scam involves victims being chosen as one of 12 winners of an "Email Electronic Sweepstakes" supposedly operated by Google.

The scammers exploit the scepticism that web users are likely to display at winning a competition that they had not entered by saying "It is obvious that this notification will come as a surprise to you".

Internet users are offered £950 000 and a number of gadget prizes that may be claimed by simply entering personal details. You are also promised a Google Ambassador opportunity as part of the prize.

Unlike a normal phishing scam where the victim is directed to a fake website, the latest trick is designed to fool email filters by including the message as an image and directing users to respond with personal details.

READ: Online scams hurt SA classified users

The email is purportedly from the Google Corporation and signed by "Matt Brittin, Chairman of the Board and Managing Director, Google United Kingdom", but a check of the link reveals the message directs to a completely different domain.

Phishing strategy

Phishing is a successful method that criminals use to exploit internet users in a bid to steal personal and financial information.

Cyber crooks will typically exploit well-known brands to fool victims. (Duncan Alfreds, Fin24)

"The most effective phishing attacks can succeed 45% of the time, nearly 2% of messages to Gmail are designed to trick people into giving up their passwords, and various services across the web send millions upon millions of phishing emails, every day," wrote Drew Hintz, Google security engineer and Justin Kosslyn of Google Ideas on the official blog recently.

Google advised that internet users - whether they be expert or not - should practice a security mindset by updating software on a regular basis, using a password manager to create strong pass codes, employing antivirus software as well as two factor authentication.

"No practice on either list - expert or non-expert - makes users less secure. But, there is clearly room to improve how security best practices are prioritised and communicated to the vast majority of (non expert) users," wrote Iulia Ion, Rob Reeder and Sunny Consolvo.

The scammer ironically warns users that they should keep the prize number secret to "avoid double claiming and unwarranted abuse of this programme by unscrupulous elements".

Have you been targeted by this scam? Tell us by clicking here.

- Follow Duncan on Twitter

Read more about: google  |  cybercrime

Read Fin24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.