Feykovye sweepstakes tickets: how to recognize deception and what to do if caught

If you are caught in a web message that plays well-known airline free tickets, beware. Chances are good that it is a deception that will turn unpleasant consequences for you.

Ruslan Yussufov

Director of the Private Client Group-IB. creator email-mailing about current cyber threats.

In the past few days, I see a lot of pages repost «Emirates gives 2 tickets" (also report fraud on behalf of Aeroflot). This, of course, wiring. But I see these pages do not repost from his grandmother (my grandmother chose the radical way to protect against cyber criminals and does not use a computer), and from people from banks, investment funds and charities, and even family offices (that is, people who have access to the money and sensitive information). Tell us more than it threatens.

How do you know that you are deceiving

First you get a link through WhatsApp or clicks on a repost on Facebook and get to the type of site Emirates-free 2-ticket-com-abracadabra-dot-comThat is already cause for concern. Those with whom we communicate a little more often, already have acquired a subconscious barrier paranoid and do not pass on such links.

When you go to such a link, you spend a few sites-pads.

In the process you will see advertisements likely to be an attempt to infect your device trojan or other malware.

In parallel, you will answer questions such as "Do you really want to get 2 free tickets from the Emirates?" And "Confirm that you are an adult (nd)."

At some point, need to obtain tickets to pitch 10 your contacts and make repost on Facebook page. In some cases, you will be offered to authorize your account to take the matter to themselves and do not hinder you. In any case, you will involve in a fraudulent scheme of your friends. In addition, it is likely that after the account login in facebook your information will be sold to advertising agencies, but it is the lesser of the starting problems.

Once your computer is infected, your account is logged in, you looked advertising, invited friends and made a repost, you will see the message "Sorry, you did not win. Luck next time. "

Than it threatens

Thanks to your naivete people behind this scheme, hit the jackpot:

1. If you use online banking via a device that steal money from it.
2. If a computer on a corporate network through your computer at your company will steal money.
3. Your computer will be connected to the botnet to organize automated DDOS-attacks and spam.
4. Your computer will be used for mining Bitcoins, for storage of prohibited materials (eg, it is not lawful pornography), to conceal traces of crimes (such as proxy-server); it is not necessary that it will deal with the same people: access to your computer can be sold on the black market for $ 1-2.
5. The device will be scanned for compliance with certain criteria (for example, files "1C", databases, etc..), And sooner or later you will steal the information.
6. If the phone is infected, except for all of the above, you will steal conversation in instant messengers, as well as all the photos and notes.
7. If among the photos will be naughty, you will begin to blackmail or ransom.
8. If you are a person of particular interest (and it can also be understood in almost automatic) access to your device will be sold on the black market professionals a different profile, and that's when the real problems start (spying, wiretapping, competitive intelligence, competition, plums in the media, and others.) And you will learn about this after the fact.

FAQ

- But who needs me? I have money and some do not!

They know how you monetize. Not one, so the other.

- I would like a free ticket (or was led to a similar scheme) that I do now?

Antivirus scan system, it will reveal part of the infection. Put all the security updates (Windows) or upgrade to the latest version (Mac, iOS, Android).

- It saves the antivirus?

It does not help. But it must be (with an active license and updated databases) to cut the most common threats.

- That in addition to anti-virus?

If you have something to lose, it is necessary to change the approach to cybersecurity. Conduct training for staff, conduct training for the family, do systems audit, ask the right questions of your IT people, put special equipment to deal with targeted attacks.

But the most important thing - to change the attitude, my friends, the threat is real. Your carelessness - tradable commodities on the black market, and the amount of the market today - billions and billions of dollars.