Fake 'Google sweepstakes' scam targets SA

Cyber crooks typically use brands like Google to conduct their activities. (Duncan Alfreds, Fin24)
Cyber crooks typically use brands like Google to conduct their activities. (Duncan Alfreds, Fin24)

Cape Town - Cyber crooks are engaged in a scam targeting South Africans that seeks to extract user information.

The phishing scam involves victims being chosen as one of 12 winners of an "Email Electronic Sweepstakes" supposedly operated by Google.

The scammers exploit the scepticism that web users are likely to display at winning a competition that they had not entered by saying "It is obvious that this notification will come as a surprise to you".

Internet users are offered £950 000 and a number of gadget prizes that may be claimed by simply entering personal details. You are also promised a Google Ambassador opportunity as part of the prize.

Unlike a normal phishing scam where the victim is directed to a fake website, the latest trick is designed to fool email filters by including the message as an image and directing users to respond with personal details.

READ: Online scams hurt SA classified users

The email is purportedly from the Google Corporation and signed by "Matt Brittin, Chairman of the Board and Managing Director, Google United Kingdom", but a check of the link reveals the message directs to a completely different domain.

Phishing strategy

Phishing is a successful method that criminals use to exploit internet users in a bid to steal personal and financial information.

Cyber crooks will typically exploit well-known brands to fool victims. (Duncan Alfreds, Fin24)

"The most effective phishing attacks can succeed 45% of the time, nearly 2% of messages to Gmail are designed to trick people into giving up their passwords, and various services across the web send millions upon millions of phishing emails, every day," wrote Drew Hintz, Google security engineer and Justin Kosslyn of Google Ideas on the official blog recently.

Google advised that internet users - whether they be expert or not - should practice a security mindset by updating software on a regular basis, using a password manager to create strong pass codes, employing antivirus software as well as two factor authentication.

"No practice on either list - expert or non-expert - makes users less secure. But, there is clearly room to improve how security best practices are prioritised and communicated to the vast majority of (non expert) users," wrote Iulia Ion, Rob Reeder and Sunny Consolvo.

The scammer ironically warns users that they should keep the prize number secret to "avoid double claiming and unwarranted abuse of this programme by unscrupulous elements".

Have you been targeted by this scam? Tell us by clicking here.

- Follow Duncan on Twitter

Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Do you think it was a good idea for the government to approach the IMF for a $4.3 billion loan to fight Covid-19?
Please select an option Oops! Something went wrong, please try again later.
Yes. We need the money.
11% - 1352 votes
It depends on how the funds are used.
73% - 8801 votes
No. We should have gotten the loan elsewhere.
16% - 1941 votes