Scammers frequently use the guise of well-known companies to reach out to a specific community. The attackers in a new malicious activity discovered by Kaspersky experts were hidden behind the technology company Nvidia. To commemorate the company’s 30th anniversary, the attackers created a fake website that invited visitors to take part in a $50,000 bitcoin giveaway. However, the scammers made a mistake by using the Nvidia logo in an incorrect violet color, when it is actually green.
The page contains a “Participate” button that, when clicked, takes the visitor to a page with detailed information on the giveaway; however, it is riddled with spelling errors, which is unacceptable for a reputable company like Nvidia. The page encourages potential victims to donate before entering the giveaway and features an image of Nvidia CEO Jensen Huang. Successful participants are told they can double their donation or even hit the “jackpot,” which is worth $50,000 in bitcoin. Users can send their ‘donation’ using the crypto wallet credentials provided on the page.
The webpage with detailed information supported by fake Nvidia chatbot
The scammers’ wallet can be found on blockchain.com, but the total account balance is 0.42 BTC (8 495 USD) – far less than the advertised 50 thousand bitcoins. It’s unclear whether the money in there came from donations or not, but the account history shows several transactions from unknown senders.
“Crypto scams that involve images of celebrities, or power brands, become trendy these days. We’ve witnessed campaigns with Elon Musk, Bill Gates, and Pavel Durov. This time the attackers went further, launching fraudulent activity on behalf of Nvidia’s CEO and connecting it to a very special occasion for the company. Our primary advice is to carefully check all the links you follow while surfing the net, and avoid donating to untrustworthy initiatives”, comments Olga Svistunova, a security expert at Kaspersky.
To avoid scams, save money and keep personal data private, Kaspersky experts share the following simple tips:
· Check any links before clicking. Hover over them to preview the URL and look for misspellings or any other irregularities.
· Sometimes fake websites look just like real ones. It depends on how well the criminals did their homework. Hyperlinks are the most likely to be incorrect — often containing spelling mistakes — but these links can also be disguised to look valid and redirect you to a different page, impersonating the legitimate site.
· To protect your data and finances, it is good practice to make sure the online checkout and payment page is secure. You’ll know it is if the web page’s URL begins with HTTPS instead of the usual HTTP; an icon of a lock will also typically appear beside the URL and the address bar, showing in green on some browsers. If you don’t see these features, do not proceed.
· Use a trusted security solution that can help check the security of the URL that you’re visiting, and can also provide the ability to open any site in a protected container to prevent theft of sensitive data, including financial details.