Phishing Scam Targets Asda Shoppers

Supermarket shoppers in the UK have been targeted by a phishing scam run via the social networking sites Facebook and Twitter. 

Unscrupulous scammers ran sponsored adverts on the sites offering women who were born in October a free £1000 gift card to spend at Asda. 

Victims who clicked on the advert's link were led to a malicious site, sneakily decked out in the supermarket's official branding to make it look legitimate.

The misled social media users were then instructed that in order to claim their gift card, they must first enter their personal details including name, home address, cell number, bank account details and bank card security number.

The paid for malicious ad depicted two women and a shopping trolley laden with groceries bearing branding not typically seen in UK supermarkets. 

Alongside the image was the text: “Good news, we are giving away £1000 Asda Gift Cards across the country to raise brand awareness! Please complete a short survey below to figure out if you’re eligible to get it. Act fast! Only 949 Gift Cards left.”

A member of Asda's service team confirmed that the £1000 gift card giveaway was fraudulent after being contacted by a user from Manchester who spotted an ad for the falsified scam on Twitter.

The ASDA Service Team Twitter feed responded to the user's query on August 10 by saying: “I can confirm this is not an advertisement from us, this looks to be a scam.”

The fraudulent ads were first identified by niche litigation practice Griffin Law. The UK firm's research team has found evidence that around 100 potential victims have already reported seeing the advert on Facebook. The team believes that none of the victims who reported the scam were taken in by it. 

“With the majority of people still working from home or on furlough due to the COVID-19 crisis, we’re seeing a sharp rise in online scams offering everything from gift cards to discounts on everyday essentials,” commented Centrify vice-president Andy Heather. 

“These fraudulent posts are specifically designed to catch consumers off-guard, often making use of sponsored posts to fool unsuspecting victims into handing over personal information such as bank details.”

What’s Hot on Infosecurity Magazine?