A false message that invites you to participate in a promotion to receive free Mercado gifts for Christmas began to circulate in the last hours on WhatsApp: in reality, it is a cyber scam that collect email addresses for spam and leads users to install a VPN on their cell phones.
The message, which promotes “about 2,000 free products” includes a link whose domain does not belong to the e-commerce company. Upon opening it, the user is redirected to a questionnaire that opens with an image of their typical boxes with the company logo and a Christmas hat.
“Welcome to the Mercado Libre Christmas promotion! Complete the questionnaire and win an exclusive gift“Reads the message, which is accompanied by false comments from users thanking the alleged gifts.
It happens that when you open the link, it is automatically forwarded to the rest of the contacts. In addition, when answering the survey, exposed user data and information, including the email that is later used for spam.
In response to inquiries from several users, the Mercado Libre Help account tweeted: “The information that is circulating about the raffle is not true. Our team has already followed up with the complaint and corresponding actions. Remember that We never ask for data outside of our application or official site, or accounts with the blue check mark (verified) “.
Last June, a similar message had circulated on WhatsApp using the name of Marcos Galperin’s company: actually, it was another case of phishing -Identity theft-, one of the most common cyber scams.
What is phishing
Although it may seem that phishing is a very refined method, its greatest virtue is deception. Technology experts point out that many threat prevention and containment tools and software can be developed but only training and awareness will eliminate the threat. “Layer 8 error”. A technical name for the mistakes that individuals who use the programs make.
According to studies, in 100% of phishing emails, the cybercriminal uses authority and authority as a resource. 71% of phishing emails add a sense of urgency.
Whether it’s the delivery of an unfulfilled package, a deadline for a competition, or the threat of impending “legal action,” scammers know that persuading us to hurry increases the likelihood of being wrong.
Among the data that cybercriminals want to obtain are passwords, user names, credit card numbers, DNI, Cuit or cuil and PIN codes.
Tips not to fall for cyber scams
Never click on links in emails – This is very important. If, for example, we receive an email from Netflix saying that we have to change our payment method, never click on the email. In almost everything, Netflix will notify us when we open the application or the official page, and in that case we will be sure that the streaming platform could not process a payment.
And never give personal data outside of the official platforms.