Nescafé coffee lovers are the latest to be targeted with a phishing scam designed to steal their personal details and infect their device with malware.
The scam is circulating widely on social media and users have reported receiving a message saying: “Nescafe offers free coffee machine and 3 coffee packs. Complete this mini survey and win a Nescafe Coffee machine”
To entice users to click on the link, the post includes an image of a coffee machine and lists the number of coffee machines left available in the promotion.
Image: Fake Nescafé Phishing post
Before proceeding to the survey, the user is prompted to click the ‘Yes’ button where they are redirected to another page that asks them to download a PDF.
This is just a cunning way to trick the user into downloading malware onto their device. Once installed, attackers can use the malware to spy on their online activities, steal personal and financial information or use the device to hack other systems.
Nescafé is not running a promotion like the one used in the scam and the company confirmed the posts are fake in a recent statement: “Nescafé Dolce Gusto is in no way associated or affiliated with the promotion. We therefore urge all our consumers to be vigilant and exercise caution when it relates to sharing any personal information online.”
Social media phishing, primarily on Facebook and Instagram, has seen a 74.7 percent increase in the first quarter of 2019. This rise can be attributed to a more trusting online environment where users are less suspicious about links in social posts than they would be on other platforms.
Fraudsters have taken full advantage of this lack of cyber security awareness to launch a range of scams that aim to harvest user details, fill pages with spam or deliver malware.
To avoid being scammed on social media, there are a number of steps you should take:
Phishing is the number one cause of all cyber attacks and continues to prove one of the easiest ways to steal valuable data and deliver malware. MetaPhish has been created to provide a powerful defence against these threats and enables organisations to find out just how susceptible their company is to phishing. Get in touch for further information on how we can protect your business.