Amazon is not celebrating its 30th anniversary with gifts: this WhatsApp message is a scam
A new phishing campaign is circulating on WhatsApp that aims to steal your personal data and install malware on your mobile. If you get this message, delete it and do not follow the link because it is a scam.
WhatsApp is the most used instant messaging application in Spain, and for this reason it is also one of the preferred channels for cybercriminals to spread their malicious campaigns. In this way, they ensure that you reach the largest number of potential victims.
Now it has been detected a new phishing campaign that spreads through WhatsApp with the aim of stealing users’ personal data, as well as installing malware on their mobile phone. This time, the hook is a supposed “Amazon 30th anniversary celebration gift” offered to victims, but none of this is real or related to Amazon.
The text of the fake WhatsApp message indicates that the eCommerce platform is celebrating its anniversary and, to celebrate, it is distributing a million gifts to users. The URL is not the official one of Amazon Spain, and this is the first sign that warns us that we are facing a scam.
In case you follow the link, you will access a page of a survey that promises to win a high-end mobile, which in the test we have carried out was a Huawei Mate 40 Pro 5G with 8 GB of RAM and 256 GB of storage internal. To get you in a hurry to participate, the system has a timer, but you can actually answer whenever you want.
The survey questions are extremely simple (gender, age, rating of Amazon services and operating system of your mobile). Then you will see a roulette wheel to see which gift is the one that corresponds to you, And as you can imagine, you always win the smartphone.
The system asks you to share the message with five groups or 20 friends to receive the gift, and finally tells you to download an app and keep it open for at least 30 seconds. This step will install a Trojan on your mobile, so do not do it under any circumstances.
The mechanics of this phishing campaign is very similar to what we have seen on many other occasions, so whenever you see a message of these characteristics, be suspicious, and notify the person who sent it to you so they know they are at risk.