Cybercriminals target Trump’s digital trading cards using phishing sites, fake domains, and social engineering tactics to steal sensitive data. Scammers create fake URLs mimicking the official site to deceive collectors.
Cybercriminals are now aiming at your digital collectable cards, with former President Donald Trump‘s new digital trading cards being the latest target. Since launching, Trump’s digital trading cards, which offer exclusive digital assets and real-life experiences, have generated substantial attention among collectors and supporters.
According to cybersecurity firm Veriti, malicious actors are using phishing sites, fake domains and various social engineering tactics to trick users into revealing sensitive information or installing malware.
One example of a fake domain is trumpdigitaltradingcards/.xyz, which mimics the official URL (collecttrumpcards/.com) but with subtle differences. Another instance is a fake site from the Democratic Party, which surfaced under the domain collecttrunpcards/.com in which the domain uses an “N” replacing the “M” in “Trump”).
But how do these scams work?
Attackers are using traditional phishing tactics, including email phishing and domain typosquatting, to lure in victims. Email phishing involves sending emails that appear to be from legitimate sources, and promoting limited-time offers on Trump’s digital cards, which often contain malicious links that lead to phishing websites.
“Attackers are leveraging the popularity of these trading cards to exploit users’ curiosity and desire to acquire them,” explained Veriti in its report shared with Hackread.com ahead of publishing on Tuesday. “The scams range from fake websites that look almost identical to the official site to more traditional phishing emails promising limited-time offers.”
Not The First Time
Trump has been used as bait for cybercrime before, and his supporters have been targeted in financial scams multiple times. In July of this year, scammers stole donations from his supporters by setting up fake and malicious websites.
In another scam, hackers used a fake Trump assassination story to steal cryptocurrency from his supporters. In January 2021, a phishing video link tied to Trump’s election campaign was found spreading the QNode RAT malware.
Nevertheless, if digital collectable cards are your passion, it’s essential to be aware of the associated risks. By staying alert and taking necessary precautions, you can protect yourself from phishing scams and your personal information from scammers. Follow these simple tips to stay secure:
- Use common sense; it’s the best defence against any kind of attack.
- Look for HTTPS, which adds a layer of security to your browsing experience.
- Double-check URLs before entering any personal information, as phishing sites often use slight variations in spelling to fool users.
- Be cautious of unsolicited emails, and instead of clicking directly on the link, navigate to the official website by typing in the URL manually.
- Follow Hackread.com for the latest news on cybersecurity and online scams.
