• Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions
Monday, February 6, 2023
Flyy News
No Result
View All Result
  • Home
  • World
  • Business
  • Entertainment
  • Health
  • Food
  • Politics
  • Tech
  • Science
  • Travel
  • Fashion
  • Lifestyle
  • Home
  • World
  • Business
  • Entertainment
  • Health
  • Food
  • Politics
  • Tech
  • Science
  • Travel
  • Fashion
  • Lifestyle
No Result
View All Result
Flyy News
No Result
View All Result
Home Tech

Why you’re getting all those Yeti cooler giveaway scam emails in your Gmail inbox

flyynews by flyynews
November 25, 2022
in Tech
0
Why you’re getting all those Yeti cooler giveaway scam emails in your Gmail inbox
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter


Someone claiming to be Kohl’s really wants to give me a beautiful orange Le Creuset dutch oven.

The email always says this is the chain department store’s second attempt to reach me, although I reckon it’s more like the 50th because I’ve gotten this email many, many times over the last few months. You probably have, too. Maybe it’s not from Kohl’s. Maybe it’s from Dick’s Sporting Goods or Costco. Whoever it claims to be from, the result is the same: You click on a link, fill out some kind of survey, and are asked to enter your credit card info to cover the cost of shipping your free Yeti cooler, Samsung Smart TV, or that Le Creuset dutch oven.

An example of a phishing email claiming to be from Kohl’s. It features a set of Le Creuset cookware and says, “Answer & win a brand new Le Creuset. Get started now. Congratulations!”

Spoiler alert: There is no “fantastic prize” waiting for you on the other side of this scam email.

Those items will never come, of course. These emails are all phishing scams, or emails that pretend to be from a person or brand you know and trust in order to get information from you. In this case, it’s your credit card number. This latest campaign is particularly good at evading spam filters. That’s why you may have noticed so many of these emails in your inbox over the last several months. The fact that they got to your inbox in the first place as well as the realistic presentation of the emails and the websites they link to make them more convincing than the typical scam email. These attacks also usually ramp up during the holiday season. So here’s what you should watch out for.

“Grinch is getting security companies coal and blocked IPs for Christmas, and it’s resulting in more spam with domain hop architecture getting into your inboxes,” Zach Edwards, a security researcher, told Recode. Domain hop architecture is the series of redirects that route user traffic across multiple domains to help scammers hide their tracks and detect and block potential security measures.

Akamai Security Research identified the scam campaign in a recent report. The basic idea behind the scam itself — pretending to be a well-known brand and offering a prize in return for some personal information — isn’t new. Akamai has been following these kinds of grifts for a while. But this year’s version is new and improved.

“This is a reflection of the adversary’s understanding of how security products work and how to use them for their own advantage,” Or Katz, Akamai’s principal lead security researcher, said.

An example of a scam email pretending to be from Costco. It features a woman in a yoga pose in front of a large-screen TV and it reads, “Pure cinematic 8K viewing. Get it now. Costco wholesale Samsung OLED 8K UHD HDR Smart TV. Congratulations! You have been chosen to participate in our loyalty program for free! Answer survey.”

Sorry, but you’ll have to buy a Samsung TV from Costco just like everyone else. This survey is just trying to steal your credit card information.

Basically, these scammers are deploying lots of technical tricks to evade scanners and get through spam filters behind the scenes. Those include (but aren’t limited to) routing traffic through a mix of legitimate services, like Amazon Web Services, which is the URL several of the scam emails I’ve received appear to link out to. And, Edwards said, bad actors can identify and block the IP addresses of known scam and spam detection tools, which also helps them bypass those tools.

Akamai said this year’s campaign also included a novel use of fragment identifiers. You’ll see those as a series of letters and numbers after a hash mark in a URL. They’re typically used to send readers to a specific section of a website, but scammers were using them to instead send victims to completely different websites entirely. And some scam detection services don’t or can’t scan fragment identifiers, which helps them evade detection, according to Katz. That said, Google told Recode that this particular method alone was not enough to bypass its spam filters.

“What we see in this recently released research is new and sophisticated techniques being used, indicating the evolution of the scam, reflecting on the adversary’s intention to make their attacks hard to be detected and classified as malicious,” Katz said. “And, as we can see, it is working!”

But you don’t see any of that. You just see the emails. At best, they’re annoying, and at worst, they could trick you into giving your credit card details to people who will presumably use that information to buy a lot of things on your tab. The fact that they’re in your inbox in the first place adds a veneer of legitimacy, and both those emails and the websites they send victims to look better and therefore might be more convincing than some typical phishing attempts. They also seem to change according to the season or time of year. Akamai’s examples, which it collected weeks ago, have a Halloween theme. More recent phishing emails send users to a website boasting of a “Black Friday Special.”

“The literal holiday banners are unique, so that’s a cool newish addition,” Edwards said.

An example of a scam website claiming to offer a prize from Dick’s Sporting Goods. It has a picture of a Yeti cooler and reads, “Dick’s Sporting Goods, November 21, 2022. Congratulations! You’ve been chosen to receive a brand new Yeti M20 Cooler! To claim, simply answer a few quick questions regarding your experience with us. Attention, this survey offer expires today, November 21, 2022. Start survey.”

Dick’s Sporting Goods isn’t giving away a Yeti Cooler, even if you fill out a survey.

And it’s all being deployed on an apparently massive scale, which is why most people reading this have probably gotten not just one of these emails, but an onslaught of them, extended over a period of months.

Or, as one of my co-workers said to me when she forwarded me an example of just one of the many scam emails she’s received in her Gmail inbox: “help.”

A spokesperson for Google told Recode that the company is aware of the “particularly aggressive” campaign and is taking measures to stop it.

“Our security teams have identified that spammers are using another platform’s infrastructure to make a path for these abusive messages,” they said. “However, even as spammers’ tactics evolve, Gmail is actively blocking the vast majority of this activity. We are in contact with the other platform provider to resolve these vulnerabilities and are working hard, as always, to stay ahead of the attacks.”

Google also recently put out a blog post warning users about common holiday season scams, and the fake giveaway was at the top of the list.

“Received an offer that looks too good to be true? Think twice before clicking any links,” Nelson Bradley, manager of Google Workspace Trust and Safety, wrote.

Google also noted that it blocks 15 billion spam emails every day, which it believes to be 99.9 percent of the spam, phishing, and malware emails its users are being sent. In the last two weeks, Bradley wrote, there’s been a 10 percent increase in malicious emails. To be fair, I think there are more fake Kohl’s giveaway emails sitting in my spam filter than in my inbox.

The spokesperson added that Gmail users can use its “report spam” tool, which helps Google better identify and prevent future spam attacks. Beyond that, the typical how to avoid getting phished tips still apply. Check the sender’s email address and the URL it’s linking out to. Don’t give out your personal information, especially not your account passwords or credit card numbers. Take a few seconds to think about why Kohl’s would just randomly decide to give you Le Creuset bakeware or Dick’s would give you a Yeti cooler worth hundreds of dollars just for answering a few basic survey questions. The answer is that they wouldn’t.

You could also just spend your Black Friday shopping for real items in real stores (or on their real websites) and giving your credit card details to real employees. Good luck out there; the Google spokesperson said the company expects that the scam campaign will “continue at a high rate throughout the holiday season.” So it’ll almost certainly continue even after Black Friday ends.

Help keep articles like this free

Understanding America’s political sphere can be overwhelming. That’s where Vox comes in. We aim to give research-driven, smart, and accessible information to everyone who wants it.

Reader gifts support this mission by helping to keep our work free — whether we’re adding nuanced context to unexpected events or explaining how our democracy got to this point. While we’re committed to keeping Vox free, our distinctive brand of explanatory journalism does take a lot of resources. Advertising alone isn’t enough to support it. Help keep work like this free for all by making a gift to Vox today.

Yes, I’ll give $120/year

Yes, I’ll give $120/year


We accept credit card, Apple Pay, and


Google Pay. You can also contribute via





Source_link

READ ALSO

TikTok food trends spike demand and stress on workers and supplies

15 Fabulous Food Gifts Under $25 for Valentine’s Day

Related Posts

TikTok food trends spike demand and stress on workers and supplies
Tech

TikTok food trends spike demand and stress on workers and supplies

February 5, 2023
15 Fabulous Food Gifts Under $25 for Valentine’s Day
Tech

15 Fabulous Food Gifts Under $25 for Valentine’s Day

February 5, 2023
Razer’s Cage-Like Mouse Is a $280 Goth-Metal Jewel
Tech

Razer’s Cage-Like Mouse Is a $280 Goth-Metal Jewel

February 5, 2023
Elon Musk and Tesla found not liable in lawsuit over “funding secured” tweet
Tech

Elon Musk and Tesla found not liable in lawsuit over “funding secured” tweet

February 5, 2023
Microsoft alleges attacks on French magazine came from Iranian-backed group
Tech

Microsoft alleges attacks on French magazine came from Iranian-backed group

February 4, 2023
AI models spit out photos of real people and copyrighted images
Tech

AI models spit out photos of real people and copyrighted images

February 4, 2023
Next Post
Genetically modified tobacco plant produces cocaine in its leaves

Genetically modified tobacco plant produces cocaine in its leaves

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

POPULAR NEWS

Angel -Dave Curl – Official Music Video 2022

Angel -Dave Curl – Official Music Video 2022

November 17, 2022
Proud By Cytonic Rhymes – Official Music 2022

Proud By Cytonic Rhymes – Official Music 2022

November 25, 2022
Sweet Bennie Ray – Whole Lot (Official Music Video)

Sweet Bennie Ray – Whole Lot (Official Music Video)

December 22, 2022
SUPER VITAMIN C COLLECTION | STRIVECTIN

SUPER VITAMIN C COLLECTION | STRIVECTIN

December 16, 2022
Rain And Lily Pond Sounds | 10 Hours | Sleep, Relaxation | Dark Screen

Rain And Lily Pond Sounds | 10 Hours | Sleep, Relaxation | Dark Screen

November 14, 2022

About Us

Welcome to Flyy News The goal of Flyy News is to give you the absolute best news sources for any topic! Our topics are carefully curated and constantly updated as we know the web moves fast so we try to as well.

Follow us

Categories

  • Business
  • Entertainment
  • Fashion
  • Food
  • Gaming
  • Health
  • Lifestyle
  • Politics
  • Reviews
  • Science
  • Tech
  • Travel
  • World

Site Links

  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions

Recent News

  • Russians Protest Invasion Of Ukraine Despite Crackdowns On Dissent
  • George Santos Must Resign or Be Expelled
  • Experts Fear Bird Flu Outbreak Could Turn Into New Pandemic
  • Chaotic cash shortage forces Nigerians to wait hours for $43

Copyright © 2022 Flyynews.com | All Rights Reserved.

No Result
View All Result
  • Home
  • World
  • Business
  • Entertainment
  • Health
  • Food
  • Politics
  • Tech
  • Science
  • Travel
  • Fashion
  • Lifestyle

Copyright © 2022 Flyynews.com | All Rights Reserved.

What Are Cookies
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT