We can only repeat the warnings again and again: Spam mails very often promise you wonderful things, but you won't receive any kind of luxury goods or vouchers for free. The only thing you receive is more spam and you might also become a victim of data thieves and fraud.
This particular colorful website promises you a €250 eBay voucher. It is even announced to be "PayPal verified" (with a 5 year old logo) to make it look more reliable! Supposedly, your gift is only a few steps away: You only have to fill in your personal data: gender, name, date of birth, e-mail address, postal address AND, the most important information, a valid telephone number. The company assures that it meets all requirements set by the German Federal Data Protection Act. We seriously doubt that!
How to get your money... supposedly
It only takes a few moments after accepting the terms & conditions and clicking on "give me my voucher"-button until the phone rings - a German mobile phone number appears in the display: 01706409573. A digital voice reads out a text and asks us to press the digits "1" and "9" to confirm that we want to receive the voucher and participate. We intentionally did not proceed at this point, but there are numerous reports on the Internet, from people who fell for this scam.
They report about the phone call after pressing "1" and "9": A service agent joins in and asks for more personal data and especially the bank account data. As soon as this service agent has received the bank account data, the scammers have access to your money and start to debit money from your account. But, of course, the victim only gets to know about this days or weeks later, when he/she collects a bank statement. The scammers' dubious justification to take money from them seems to be that the participants accepted the terms & conditions on the website and confirmed the "1" and "9" during the phone call. This serves as consent, they think.
The scam
During the last weeks we encountered many different shapes and forms of this kind of scam: Some e-mails offer free cell phones, some a free pay-tv account, brand new iPads or PCs, others a new Opel car, cash money, luxury watches and much more.
The spam mails promise these luxury goods for free. But as soon as the user visits the website, the offer turns into a lottery! The terms and conditions a participant has to accept include consents for storing the personal data and further usage of it for marketing and other means of advertisement - and therefore most probably fraud.
All websites have the same host company in common: Red Line Inc. from Antigua and Barbuda. This makes it extremely difficult, if not impossible, to conduct a prosecution.
Furthermore, all websites are hosted on Aquatix IT services servers from Frankfurt, Germany. It is almost impossible to identify all of the websites, because the spammers use hundreds of throwaway domains (e.g. .net or .biz and others)
What you can do
Even though this is a German specific spam campaign in , there are similar scams all over the globe, popping up again and again.
- Do not try to use the unsubscribe button - All feedback the scamsters get shows them the e-mail address they used is a valid one. This will lead to more spam in your inbox. Just delete the spam mails!
- Do not enter your data on any of these websites! The data collectors will use this for further fraud and probably also sell the information to other crooks!
- Use a good security suite with integrated spam filter to rule out the unsolicited bulk e-mail before it reaches your inbox!