Did you receive a WhatsApp message from Samsung offering you to win the Galaxy S21? Do not be tempted, This is a known and recurring fraud Under different headings – like “On the occasion of Women’s Day” or “Gift for Valentine’s Day”. The message reads Enter the link that leads to the activity page – where you have only three attempts to win a new Samsung smartphone.
“It will take you just a minute and you will receive a fantastic prize,” the main page read. “We randomly select 100 users to give them a chance to win amazing prizes.” As always, in activities of this kind you can see the red flags from the beginning, if you only pay attention to significant translation failures, such as the question “What smartphone are you using?”, The options are “Android” and “Apple” – the reference is of course to Apple and Android .
In order to strengthen the credibility of the action, at the bottom of the page is an alleged comments panel from Facebook with users who are upset that they did not win the award and users who are happy, loving and also received the award today. After answering the questions, the user is congratulated on his activity, and now he has three attempts to find the gift from about 12 gift packages presented to him.
After making the shares, you will receive a “congratulations” message and details about the last step which is to install an application that must be run for at least 30 seconds. After completing the operations, wait for the test to be completed within 24 hours. To encourage the sense of urgency, it is noted that “this promotion is valid for 500 seconds”, which should expedite you to complete the actions to get the right to collect the coveted prize.
So how is the message itself distributed? The information security company ESET Israel explains that after the user has won the prize, he is asked to spread the message via WhatsApp to 5 groups or 20 members. And finally, the last task has to be completed and that is to click on the “Register” button and take another action.
“A test we conducted shows that the file the participant is asked to download and run at the end of the activity may include remote access to the device, leak sensitive data and also allow access to another malicious code device. Simply put, it means access from a foreign entity to your device and its contents. .
The information security company also emphasizes that “after the user clicks to perform the last action, he comes to another site where a window actually opens asking him to approve the display of alerts. This is where the activity catch is found. Once the alerts are received, the user may be flooded with advertisements “Jumping while browsing the browser and also while using other applications, which will probably interfere with the normal course of browsing.”
Following the widespread distribution of the announcement, Samsung issued a statement saying: “Please note, this is not an official Samsung activity, but a fraud and deception by unknown individuals, which may constitute a criminal offense. We recommend taking extra care in these cases.”