14 DAY TRIAL // Around the same time last year, cybercriminals started sending out phishing emails carrying the subject line “Free Tesco Christmas Voucher Shop For Free.” Now, experts say they’re seeing variants of this scam landing in inboxes once again.
According to ESET’s David Harley, the emails are entitled “Free Tesco Vouchers for Christmas” and they read something like this:
“Dear Valued Customer, Tesco Bank is giving you a chance to shop for free at any of our tesco outlets or online by giving out free tesco vouchers for Christmas.
This offer is only for Tesco Credit Card and Tesco Savings/Loan owners and it will be valid to use until the 31st of December,2013. SAVINGS OR LOAN CUSTOMER CLICK THE LINK BELOW.”
The emails are well designed, and the phishers are even using a festive logo of Tesco Bank. Experts believe that since the emails appear to come from a bank, the messages might appear more genuine to many users.
The links don’t point to a legitimate Tesco website, but to a phishing page where victims are instructed to hand over their personal and financial details.
Harley highlights an interesting thing about this particular spam run. Unlike other similar campaigns, which aren’t particularly topical, this one is.
“This one, however, resembles the sort of topical approach we associate with other kinds of malicious activity (botnets, fake AV, charity/disaster relief scams and so on) where social engineering is based on a current seasonal event (Xmas, Valentine’s Day, Cyber Monday) or news item (real or fake),” the expert noted in a blog post.
If you come across such emails, delete them immediately. If you’re a victim of this scheme, you might want to notify Tesco Bank, and keep a close eye on your account.