Scottish Cyber Security Specialists Warn of Festive Season Supermarket Voucher Hoax
The Scottish Business Resilience Centre is urging shoppers to apply extra scrutiny and scepticism when they come across online competitions and offers.
The Scottish Business Resilience Centre (SBRC) is urging shoppers to be on their guard when shopping online this Christmas, following a spate of scams offering a chance for ‘lucky’ winners to land hoax vouchers with well-known UK supermarkets.
The SBRC, a non-profit organisation that exists to support and help protect Scottish businesses, has uncovered a scam promising Facebook users the chance to win one of 1,000 vouchers worth £150 at Morrisons.
Within just 10 hours, the post had received more than 2,000 shares and comments, each by users unwittingly hoping to ease the festive grocery bill by simply commenting ‘Me’ on the post in order to qualify for a voucher.
To lure all that entered, the users had been served a link by a chat-bot – which led to a questionnaire webpage registered in the Bahamas – likely intended to gather key information on each person that clicked through.
Gerry Grant, chief ethical hacker with Curious Frank, a division of the SBRC, has warned that the festive season is a major draw for unscrupulous fraudsters.
He said: “There is no doubting that many of us feel the pinch over the Christmas and New Year, perhaps more than at any other time of the year.
“Criminal hackers and fraudsters are very aware of this. They know that we are simply more disposed to fall for a scam we otherwise wouldn’t.
“While we have investigated this one example by taking special precautions, we of course urge the public not to follow suit – and instead apply extra scrutiny and scepticism when coming across all online competitions and offers.
“Unless you are categorically certain that it belongs to the official page of that business or organisation – avoid it. It’s simply not worth the risk of leaving your personal data exposed.”
While this competition adopts the Morrisons branding, the SBRC has uncovered further evidence that suggests the same fraudsters will be using other supermarkets as a guise – as well as other platforms including WhatsApp to further trick users.
In order to avoid falling foul, the public are encouraged to heed the following precautions:
• Check the web address – are you sure you are on the genuine website?
• If you have clicked through to a page, firstly make sure you can see ‘https://’ at the start of the address bar or a padlock icon.
• ‘Green Address Bar’ – another indicator that some secure websites use is to turn the address bar green.
• Users should also check the page that is sharing any vouchers. Does it look genuine? Is it posting other content from that supermarket i.e Christmas recipes or discounts? If not it may not be the real deal. Check when the page started making posts, it may well have been created simply for the purposes of a scam.
• Is the offer simply too good to be true? Would a supermarket really issue out 1000 £150 vouchers for instance?
• Look out for the blue tick – Facebook and Twitter have a blue tick scheme for verified accounts. This is a handy way to verify that a page is the real deal.