iPhone scam

Fake free iPhone 15 Pro worldwide scam targeting users around the world

Our Threat Intelligence team has detected a massive scamming campaign targeting users around the world.

The threat actors have created many similar websites to target many users, and the message has already been sent to thousands of users.

As you will see below, the scammers are using a deceptive method to achieve their goal.

First of all, let’s have a look at the message body:

Subject: Your opportunity to get an iPhone 15 Pro for FREE.

In the picture above, the user receives a message saying that he or she has been selected to receive a new iPhone 15 Pro. This kind of scam is very deceptive, and most users will click on the link.

There is a link behind the red button “Click to get started”, which the user is supposed to click to receive the reward.

Link: hxxps://storage.googleapis[.]com/hatrioua/hreflink.html#?Z289MSZzMT0xNzA0MzE2JnMyPTEwNDUxOTQ3NCZzMz1HTEI=
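Added example (not part of the original report): the text after `#?` in the link above is base64 and can be decoded offline, without visiting the page. The helper names and the one-entry `SHARED_HOSTS` list are assumptions made for illustration.

```python
import base64
import binascii
from urllib.parse import urlsplit, parse_qsl

# Defanged lure link exactly as published in this report.
LURE = ("hxxps://storage.googleapis[.]com/hatrioua/hreflink.html"
        "#?Z289MSZzMT0xNzA0MzE2JnMyPTEwNDUxOTQ3NCZzMz1HTEI=")

# Assumption: illustrative one-entry list of shared hosting platforms, where
# the hostname's good reputation says nothing about a single bucket's content.
SHARED_HOSTS = {"storage.googleapis.com"}


def refang(url):
    """Undo common defanging so the URL can be parsed (it is never fetched)."""
    url = url.replace("[.]", ".")
    return "http" + url[4:] if url.lower().startswith("hxxp") else url


def decode_fragment(fragment):
    """Return key/value pairs if the fragment is base64-wrapped query data."""
    blob = fragment.lstrip("?")
    blob += "=" * (-len(blob) % 4)          # restore stripped padding, if any
    try:
        text = base64.b64decode(blob, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return {}                           # ordinary anchor, not encoded data
    return dict(parse_qsl(text))


def triage(defanged):
    """Summarise what the link reveals without making any network request."""
    parts = urlsplit(refang(defanged))
    shared = parts.hostname in SHARED_HOSTS
    segments = parts.path.strip("/").split("/")
    return {
        "host": parts.hostname,
        "shared_hosting": shared,
        # On shared storage the first path segment names the tenant's bucket,
        # which is the unit to block or report rather than the whole host.
        "bucket": segments[0] if shared and segments[0] else None,
        "fragment_params": decode_fragment(parts.fragment),
    }


if __name__ == "__main__":
    for key, value in triage(LURE).items():
        print(f"{key}: {value}")
```

For the link above, the fragment decodes to `go=1&s1=1704316&s2=104519474&s3=GLB`; the report does not say what these fields mean.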

Once you click on the link, you are redirected to another link.

Elusivesnads[.]com

As you can see in the picture above, a survey must be completed before you get the reward. After passing the survey, you are redirected to another website to arrange shipment of the reward.

All the goods on the website are free; you only need to pay for the shipment, which costs almost 10 Euro.

This technique usually works because most users will be attracted by the offer. The amount of money for the shipment is nothing compared to the real price of the goods. Once the shipment is paid, the goods never arrive.

The threat actors created many domains to target more users and make the attack more difficult to stop.

Some domains related to the same issues:

The domains are newly created and registered across different service providers such as Google, Amazon, CLOUDFLARENET, DFW-DATACENTER and others.

Thousands of people are being scammed every day. The best way to reduce the risk of being scammed is to always check the website when you receive such a message, before you connect to it.

Tools to verify website reputation:

https://www.virustotal.com/

https://app.any.run/

https://urlscan.io/

https://sitereview.bluecoat.com/

https://safeweb.norton.com/