Scammers mimic the FTC to gather payments from victims

Hackers try to get users involved in money swindling schemes

Scammers mimic the FTC to gather payments from victims"Official Personal Data Protection Fund" scam website claims that the user's personal information got leaked and provides a fake monetary refund

Scammers have thought about another tactic of how to swindle money from gullible users. They have managed a web page that offers monetary refunds for people who are claimed to be victims of data leaking attempts. The hackers pretend to be from the United States Federal Trading Commission[1] in order to create a legitimate look.

The main goal of this scamming scheme is to urge for small sums of money in exchange for promising to transfer back a bigger sum that eventually does not happen and the victims are left with monetary losses only.

Data Verification Form requires entering some personal and contact information

The scamming page holds the name of “Official Personal Data Protection Fund” and can look very official and legitimate from the first view. All victims receive promises to get payed as a refund for the damage that was performed during the data breach and the residence country of the person appears not to be important in this case.

However, in order to find out the sum that the person is going to receive, the user first has to answer the misleading verification service that is provided to them after visiting the fake website. This service offers users to check if any of their sensitive details ever got breached during a data leak incident.

The scam requires the users to enter their names, last names, mobile phone numbers, and additional information in order to find out the amount of sum that they should receive. The Data Verification Form urges to choose a verification type from the four given options that are “Social networks”, “Messengers”, “Ad Networks”, and “Other”.

The scammers urge to purchase a temporary SSN even if you have a real one

A security expert named Tatyana Sidorina from Kaspersky[2] states that you can fill whatever information you like into the form and you will always be provided with claims that your data was leaked and there is a special refund awaiting you. The specialist tried typing “fghfgh fghfgh” into the “Name” section and the results revealed fake information, video, and photo leakages.

Afterward, Sidorina was provided with a special refund that reached $2,567. The only way to receive this amount of money was to reveal your banking card number and the SSN.[3] For those who do not have an SSN, the scam offers to purchase one for a two-day validation period for a tempting price of $9,32.

If you do try to complete the transfer without buying an SSN, the site will return an error and demand a temporary number. And if by some chance you happen to specify a valid SSN in the fraudulent form, you will still be asked to buy a temporary one.

However, there is one trick here. No matter if you provide your existing SSN, you will still be prompted to purchase a temporary one (this is the way for the scammers to receive income from you). Nevertheless, the payment window requires a price that is converted to rubles.[4] This fact creates speculation that the scammers might be residing in Russia.

There are some signs that allow identifying a scam website

There are some factors that signify about the website's suspiciousness. First of all, accurate users who understand that the FTC is situated in the United States should get confused by the fact that these people offer to refund victims from ALL countries.

Continuously, finding grammar or style mistakes on the fake website or misleading payment window also should signify something unusual as official organizations do not leave unchecked words or sentences on their official websites. We recommend all users to be aware of scam websites such as this one.[5] Do not hurry to enter personally-identifiable information into unknown locations that promise you rogue refunds.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. At the moment, he takes over as Editor-in-chief.

Contact Ugnius Kiguolis
About the company Esolutions

References
Files
Software
Compare