June 10, 2013 By Dancho Danchev

Scammers impersonate the UN Refugee Agency (UNHCR), seek your credit card details

Opportunistic scammers have just launched a targeted spam campaign impersonating the UN Refugee Agency (UNHCR) in an attempt to trick users into handing over their complete credit card details as they supposedly make a donation to support Syria’s refugees.

Needless to say, this scam is seeking full access to your credit card details through a fraudulent Web site that’s directly collecting the information, has no SSL support, and is featuring a bogus “Verified by Verisign” logo in an attempt to add more legitimacy in the eyes of the prospective victims.

More details:

Sample screenshot of the spamvertised email:

Syria_Fake_Bogus_Fraudulent_Donation_Site_Campaign_Agency_UNHCR_Scam_Fraud_Credit_Card_02

Fraudulent URL: hxxp://sosmoney.eu/refugees/refugees/Donate%20to%20the%20UN%20Refugee%20Agency%20in%20the%20United%20States%20-%20USA%20for%20UNHCR.htm

Domain name reconnaissance: sosmoney.eu – 81.169.145.144; 2a01:238:20a:202:1091::145

Sample screenshots of the landing page:

Syria_Fake_Bogus_Fraudulent_Donation_Site_Campaign_Agency_UNHCR_Scam_Fraud_Credit_Card

Syria_Fake_Bogus_Fraudulent_Donation_Site_Campaign_Agency_UNHCR_Scam_Fraud_Credit_Card_01

We advise users to always research the Web site they’re about to use before making a donation in order to ensure that they’re not directly sending their credit cards details to fraudsters.

You can find more about Dancho Danchev at his LinkedIn ProfileYou can also follow him on Twitter.

Share Button
true