Numerous mobile users tricked to provide personal data

A phishing site promoting free flights tricked numerous users into revealing personal details

A phishing website offers receiving free tickets from the biggest airline companies, Ryanair, EasyJet, Delta Airlines.

Recently, Farsight Security^[1] announced a newly-discovered phishing campaign which included dubious sites seeking to convince users into revealing their personal details. Such web pages claimed to be from the biggest Europe's airline Ryanair^[2], British airline easyJet, and Delta Airlines that were allegedly offering free tickets. As a result, numerous mobile phone users have found themselves scammed.

To claim fake tickets, users were given a few easy and harmless-looking questions to answer. During the next stage, they had to offer the site to their 15 friends on WhatsApp. According to the phishing website, that was the only way to get free airline tickets.

Any user can step on a phishing URL

The fake website was not working as it should when opened on a PC or laptop. As a result, researchers believe that the scam was created to target mobile users. As Dirk Morris from Untangle^[3] claims, users using small mobile phone screens are more likely to step on a dubious link without expecting this:

Users, especially on smaller mobile screens, may not be paying close attention to the URLs or domain names of sites to verify their legitimacy.

Sadly, such activity is very common nowadays. There are various harmful websites and spam messages spread with an intention to gather personal information from unaware users and then misuse it. However, the good news is that some organizations are taking precautionary measures against these type of attacks:

These types of contest phishing scams have become increasingly sophisticated, in large part because people are getting trained by their organizations to recognize fake emails, giveaway scams or imposter websites asking for credit card or login details, – said Atif Mushtaq from SlashNext^[4].

Avoid scams and keep your sensitive data safe

It is very important to know how to avoid phishing content on the Internet. Beware that you can get redirected to a phishing web page if you carelessly step on every link you see throughout the web. Such pages might come in the shape of some well-known brand and try to convince you about their legitimacy.

Furthermore, you can be involved in misleading scams asking you to type in personal details. These types of scams collect various personal information and misuse it for numerous illegal activities. Stay away from every dubious-looking page and link because you cannot know what is hiding behind it.

Moreover, beware that phishing scams can also spread through email messages^[5]. Every time you receive an email, check the sender's email address. If it looks suspicious, has lots of numbers, there is a big chance that such a message was sent to you with bad intentions. Additionally, if the written content includes grammar and spelling mistakes – it cannot be from a trusted and serious organization.

Note that banking organizations or other institutions do not ask for personal details such as your social security number through an email message. DO NOT provide any sensitive information or account login details by email. Eliminate all dubious-looking email messages that you receive without even dealing with them.