The research laboratory of computer security firm Eset Latin America found a fake video announcing the death of the singer Ricardo Arjona in a "tragic plane crash" and is used to steal sensitive information from users.
The research laboratory of computer security firm Eset Latin America found a fake video announcing the death of the singer Ricardo Arjona
in a "tragic plane crash" and is used to steal sensitive information from users.
This is a new "scam", a scam conducted through technological means such as email or fake websites.
This time the cybercriminals used as a method of attracting users, the announcement of the false death of Arjona
Clicking on this news, the victim accesses a shortened link which won over 12 thousand clicks in two days with a peak at 20.00 on 25 May.
Thus, the user is redirected to another page where you can play the video, indicating the number of people who are watching that at the time of analysis amounted to 5,265 people.
But clicking on the video opens a fake login page of Facebook that has the function of stealing account credentials.
After entering the credentials you can see the video but only just three seconds are shown archive images of the singer, accompanied by a plinth which states: "Naomi Morales widow dies Arjona
- Mother of singer Ricardo Arjona
Then, the video stops and asks the user to share it on Facebook, so that the "scam" further spread and appearing at the beginning of most accounts.
"After analysis, we can see that clearly a scam to steal credentials as the user information is sent by plane to the page, which only returns a function to close the pop-up text," said Pablo Ramos, head of Research Lab ESET Latin America, in a summary of the research that the company sent iProfesional.
The research team found that this "scam" had a big impact in Latin America.
Three of the four countries most affected are in the region: Argentina, Colombia and Mexico, with 35%, 32% and 3% respectively of total clicks.
"This kind of deception can lead users to hand over their keys to cybercriminals, who simply make use of the use of social engineering to achieve. Therefore, to identify deception is always recommended to look at the URL and make sure you are logging into the network, and not a fake site, "advised Ramos.