Scammers Using Easter Candy To Swipe Individuals’ Information, Here’s How
Learn how and Easter Candy scam is tricking people into handing over their personal information.
This article is more than 2 years old
As Easter approaches, social media users have been plagued by a horrible candy scam. Created by cyber-criminals, messages doing the rounds on WhatsApp say that folks can claim a free Easter chocolate basket from Cadbury. The texts are accompanied by a link that leads to a website asking users to enter personal information. Now, the confectionary company has issued a warning to chocolate lovers, confirming that the offer is not genuine.
In a statement on social media, Cadbury urged the public not to interact with the fake messages and said it is working to resolve the Easter candy scam. “We’ve been made aware of circulating posts on social media claiming to offer consumers a free Easter chocolate basket,” the post said. “We can confirm this hasn’t been generated by us. And we urge consumers not to interact.” The sweet giant also said customer security is a top priority.
The statement from Cadbury has been welcomed by chocolate enthusiasts because the Easter candy scam looks very authentic. The message includes a picture of a white rabbit on a lawn in front of a large historic-looking house, Sky News reports. In the rabbit’s paws is a purple Cadbury Easter egg, printed with the words “Join the Cadbury Easter egg hunt.” Along with the image is a message which says, “Cadbury FREE Easter Chocolate Basket, 5 free gifts for you.” It is accompanied by the malicious link.
Speaking about the Easter candy scam to Infosecurity Magazine, application security consultant Miclain Keffeler said this attack highlights the weakest link in security which is the human factor. “Receiving messages from trusted contacts skews our opinion on content, and makes us trust the content inherently rather than questioning it with the same intensity as we do messages from people we don’t know.”
Keffeler added that social media companies need to improve their cyber security to protect customers from breaches similar to Cadbury’s Easter candy scam. “There is a responsibility on social media sites like Facebook,” he told the publication. “There is work to be done regarding who can create new pages and can claim to be somebody they are not.”
According to the Evening Standard, the Easter candy scam seems to be connected to a data harvesting operation in Russia. The outlet said that images of the text shared on social media showed a WhatsApp message containing a link to a Russian URL that tricks people into clicking on it. The source of the scam isn’t all that surprising. Since the Kremlin invaded Ukraine in February, there has been a spike in scamming activity.
Moreover, several security experts recently said that criminals were taking advantage of the war to trick well-meaning people into donating to fake good causes, Business Insider reports. Additionally, the United Kingdom’s Merseyside police also warned the public about the Easter candy scam, saying although it understands that people might find the offer of free chocolate a little hard to resist, it was a scam designed to gain access to sensitive personal details.
