Opportunistic scammers have just launched a targeted spam campaign impersonating the UN Refugee Agency (UNHCR) in an attempt to trick users into handing over their complete credit card details as they supposedly make a donation to support Syria’s refugees.
Needless to say, this scam is seeking full access to your credit card details through a fraudulent Web site that’s directly collecting the information, has no SSL support, and is featuring a bogus “Verified by Verisign” logo in an attempt to add more legitimacy in the eyes of the prospective victims.
More details:
Sample screenshot of the spamvertised email:
Fraudulent URL: hxxp://sosmoney.eu/refugees/refugees/Donate%20to%20the%20UN%20Refugee%20Agency%20in%20the%20United%20States%20-%20USA%20for%20UNHCR.htm
Domain name reconnaissance: sosmoney.eu – 81.169.145.144; 2a01:238:20a:202:1091::145
Sample screenshots of the landing page:
We advise users to always research the Web site they’re about to use before making a donation in order to ensure that they’re not directly sending their credit cards details to fraudsters.
You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.
