McDonald's opinion poll phishing emails detected

Unfortunately, as Troy Gill of the IT security vendor notes, the address is a fake one and the 'opinion poll' message appears to a phishing email.

"You have been selected to participate in a public opinion poll conducted by McDonald's, a non-partisan polling organisation", reads the email.

In his security blog on the email, Gill says that the routed phishing pages all use McDonalds graphics "pulled directly from their website to give the appearance of a legitimate survey."

"The messages appear addressed from McDonalds Consulting and urge you to follow a link to take the survey. There are only 5 questions that you must answer before you receive your $250 reward", he notes.

According to the AppRiver security researcher, once you click to submit your answers you are taken to a page that requests your personal information along with your credit card number so that they can 'credit' your account with the $250 reward.

"Of course this is where the blackhats are waiting to collect your information for use or possibly for resale. After submitting your info you are redirected to the real McDonalds website, which is designed to decrease suspicion that you were just phished", says Gill.

Commenting on the phishing attempt Softpedia says that the new campaign follows a nearly identical one spoofing the Coca-Cola Company.

In fact, says Lucian Constantin in his weekend report on the phishing email, there is enough evidence to suggest the two are the work of the same group of phishers.

What’s Hot on Infosecurity Magazine?