Chocolate lovers have been warned to ignore a convincing scam offering a free Easter basket as it is linked to a data harvesting operation inside Russia.
The offer, which is being shared on Whatsapp, contains a link to a Russian URL which has since been taken down.
Victims were asked to ‘Join the Cadbury Easter Egg Hunt’ with the offer of up to 5,000 free gifts.
Entrants were asked to click on a link which asked for personal information such as passwords.
Chocolate fans were warned against clicking on this Russian-hosted link which had been circulated by fraudsters offering free Cadbury Easter baskets
Action Fraud is investigating the suspicious link after being alerted by Cadburys who urged customers to ignore the bogus offer
Cadburys warned their customers to avoid clicking on the link which was looking for personal information that could be used in fraud
Cadburys confirmed they are aware of the criminals using the firm’s name and warned customers against clicking on the social media link.
A spokesman for Cadbury’s parent company Mondelez said: ‘We’ve been made aware of circulating posts on social media, claiming to offer consumers a free Easter Chocolate basket.
‘We can confirm that this has not been generated by us and would urge consumers not to interact or share personal information through the post.
‘Customer security is our priority and we’re working with the relevant organisations to ensure this is resolved.’
According to Action Fraud, who are based at the City of London Police: ‘Cyber criminals use fake messages as bait to lure you into clicking on the links within their scam email or text message, or to give away sensitive information (such as bank details).
‘These messages may look like the real thing but are malicious. Once clicked, you may be sent to a dodgy website which could download viruses onto your computer, or steal your passwords.’
Action Fraud said people should ‘take a moment’ to think before entering personal information onto a website.
According to their experts: ‘It is okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.’
If someone thinks they have been hit by a fraud, they should contact their bank immediately to block all payments and report the matter to Action Fraud, or call 0300 123 2040.
Merseyside Police has also issued a public warning about the scam, urging people to avoid clicking on the link contained in the message as it was an attempt to ‘gain access to your personal details’.
The message appears to be a type of phishing scam, where criminals create messages that look genuine in order to trick consumers into clicking a link to a bogus website where viruses could be installed on their device, or having them hand over personal information which can be used to gain access to financial information or online bank accounts.
Cyber security experts have warned that an offer appears ‘too good to be true’ it is probably a scam
Cybersecurity experts have reported a notable increase in this type of scam in the last two years, with criminals using the uncertainty of the pandemic to try to scam people by posing as government departments, the NHS and delivery services – sending emails and text messages claiming to be related to the vaccine rollout, contact tracing and parcel deliveries during lockdown.
Security experts also warn that if an offer sounds too good to be true, it often is.
Earlier this week, Jeremy Fleming, head of the UK’s GCHQ electronic spy agency warned the Kremlin is hunting for cyber targets in the UK and other western countries.
Speaking in Canberra, Australia, Mr Fleming warned that Russia was searching for targets among countries opposing their war in Ukraine.
GCHQ’s Jeremy Fleming, pictured, warned that Russian cyber criminals were seeking targets in the west as a result of the Kremlin’s ongoing war in Ukraine
He said GCHQ’s National Cyber Security Centre has picked up signs of ‘sustained intent’ by Russia to disrupt Ukrainian government and military systems.
‘We´ve seen what looks like some spillover of activity affecting surrounding countries,’ Fleming said. ‘And we´ve certainly seen indicators which suggest Russia´s cyber actors are looking for targets in the countries that oppose their actions.’
He provided no further details. He said the U.K. and other Western allies will continue to support Ukraine in beefing up its cybersecurity defenses.
In the United States, Bryan Vorndran, assistant director of the FBI’s cyber division warned Russian hackers have been scanning the systems of energy companies and other critical infrastructure ahead of a potential attack.