contador web Saltar al contenido

WhatsApp scam uses Coca-Cola brand to steal victims' data | Security

New WhatsApp scam involves the global brand of drinks Coca-Cola. The fake promotion promises a thermal bag and six bottles of soda for those interested in registering on a fictional platform, from a malicious link posted on the messenger. According to information from the developer of security apps PSafe, 15,000 cases have been detected so far. Action, which involves social engineering, is similar to what happened two weeks ago with the O Boticrio perfumery.

The cybercriminals' strategy has the same level of sophistication used in the cosmetics company. At first, the malicious practice appears to have been done by the same person or group of hackers. Criminals have created a system capable of verifying that the CPF informed belongs to the name entered and, thus, offer victim credibility. Another factor that helps to deceive users is the use of information linked to the Coca-Cola database.

New scam uses porn and ransomware sites to steal user data

WhatsApp scam uses the Coca-Cola brand to trick victims Photo: Reproduo / WhatsAppWhatsApp scam uses the Coca-Cola brand to trick victims Photo: Reproduo / WhatsApp

WhatsApp scam uses the Coca-Cola brand to trick victims Photo: Reproduo / WhatsApp

Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo

At this time of the year, Coca-Cola usually promotes Christmas caravans, with decorated trucks, that pass through certain cities, on specific days and times. Taking advantage of this, the criminals created the coup. The trips made by the vehicle are part of the brand's agenda, which publishes the entire route on the media in order to promote the interaction of local residents.

To carry out the fraudulent scheme, first, a message via WhatsApp warns that the beverage brand offers gifts for those interested, a thermal bag and six bottles of soda. However, in order to withdraw the prize, it is necessary to complete a registration, through the link informed in the messages released by the bandits. Before providing the data, the user must include the state and city where he resides to know which days the caravan with Coca-Cola Christmas trucks will pass. Thus, the fraternization is used as the supposed place for withdrawing the prizes.

Image of the fake promotion of Coca-Cola that is circulating on WhatsApp Photo: Reproduo / WhatsAppImage of the fake promotion of Coca-Cola that is circulating on WhatsApp Photo: Reproduo / WhatsApp

Image of the fake promotion of Coca-Cola that is circulating on WhatsApp Photo: Reproduo / WhatsApp

The problem that criminals use a Coca-Cola database is that true. In this way, he is able to present the entire schedule of the caravans and, for this reason, the scam looks like a real promotional action, which leads the user to believe in the fake site. If the person remains on the page and fills out the rest of the form, they will have important data stolen, such as the CPF number, for example. With personal information available, cybercriminals can apply thefts and fraud on behalf of the document holder.

To prevent the coup from making new victims, Coca-Cola has publicly manifested itself on the official website. In addition to warning about the deceptive promotion, he highlighted the company's official communication channel as a means of contact about its actions. "Coca-Cola clarifies that the promotion that is circulating via WhatsApp about Christmas and thermal bags is false. We ask for extra attention to consumers for rumors involving gifts and our brand. We also warn that the link that accompanies the message directs the consumer to a website that does not belong to Coca-Cola. The official website is ".

Throughout the year, messages with fake promotions arrive via WhatsApp messages or e-mail, but on festive dates like Christmas, the problem can intensify. To avoid being the victim of a scam, never click on links that look suspicious, even if the message came from a known contact. Users can report accounts that forward malicious information without leaving the messenger. The measure is valid, as the platform is unable to access the conversations because of the adoption of an end-to-end encrypted system. If the user accidentally clicks, the user must immediately exit the page and do not enter any personal data.

To check information released through social networks, interested parties can access a tool developed by the University of So Paulo (USP) and Federal University of So Carlos (UFSCar) for WhatsApp, without leaving the application. It is still possible to use online tools such as the Fact or Fake page, created in order to check the veracity of the content that circulates on the Internet.

Another way to confirm a promotion is through the company's Customer Service (SAC). It is also worth accessing the official website and seeing if there is any information about the alleged. Brands use their official communication channels and social networks, such as Instagram and Facebook, to advertise the campaign.

"Netflix is ??distributing 534 free accounts"; blow? Ask questions in the TechTudo forum.

How to remove viruses on an Android phone

How to remove viruses on an Android phone