Fraudulent Christmas greetings

The increased online activity during Corona also calls more cybercriminals to the scene, who try to access users' data or bank details by various means. Malwarebytes security researchers identify several threats that users may encounter on social media platforms over the holidays.

Virtual Christmas concert scam

Pretty much every form of contact with the outside world has been and is being moved to the digital - including going to concerts. In the process, Malwarebytes security researchers analyzed several types of scams: among others, cybercriminals have set up several Facebook pages with a list of fake live streaming events. This is a front for a phishing campaign, as those who want to participate in these streams have to register with their personal data.

Fake donation links

A popular variant among cybercriminals are fake donation links - especially at the end of the year, many people want to donate once again for a good cause or even to artists who hardly had a chance to perform this year. Cybercriminals have bombarded the official pages of musicians or artists with fraudulent links, hoping to direct stream participants to a website asking for "donations".

PayPal money transfer fraud

Fraudsters also like to gain access to other people's accounts in messenger services. Once they have taken over an account, they contact the account holder's contacts and ask them to accept payment from a third party for a Christmas gift they sold to them online - they themselves do not have a PayPal account and therefore cannot receive the payment. The recipients are then asked to pass on the money sent via PayPal by bank transfer - once this is done, the payment made via PayPal is reversed.

Source: malwarebytes.com