Asda phishing scam targets women with ‘£1,000 gift card offer’ via Facebook

Cyber security guru Andy Heather of Centrify issues warning over new Asda phishing scam desgined to steal data of customers

by Patrick Sullivan, Political Editor on 14 August 2020 11:03


Asda shoppers have been warned to be on be on the lookout for a sophisticated phishing scam, which is being advertised on social networking site Facebook. The fraud, first identified by a leading UK litigation practice, begins within a sponsored advert, offering shoppers ‘women born in October’ a free £1,000 gift card.

The paid-for ad is in the name of a page called ‘ASDA Gifts’ and includes a photograph of two women with a shopping trolley loaded with groceries, all of which appear to be foreign branding and not available in UK stores.

The text of the advert says, “Good news, We are giving away £1000 Asda Gift Cards across the country to raise brand awareness! Please complete a short survey below to figure out if you’re eligible to get it. Act fast!

Only 949 Gift Cards left.” The link leads to a fraudulent claim site, using official Asda branding. It asks victims to enter their name, home address, mobile number, bank account details, SORT code and 3-digital security number in order to claim their gift card.

One user from Manchester complained about receiving the advert on Twitter and the ASDA Service Team feed responded saying, “I can confirm this is not an advertisement from us, this looks like a scam.”

The law firm's research team has established that around 100 potential victims have already reported seeing the advert on Facebook.

None have so far reported entering their details.

Cyber expert Andy Heather, VP, Centrify told The Commentator: “With the majority of people still working from home or on furlough due to the Covid-19 crisis, we’re seeing a sharp rise in online scams offering everything from gift cards to discounts on everyday essentials.

"These fraudulent posts are specifically designed to catch consumers off-guard, often making use of sponsored posts to fool unsuspecting victims into handing over personal information such as bank details.

Heather continued, "Failure to identify and avoid these scams could cause a serious security headache for consumers, especially if they are using company-owned laptops and mobile devices and inadvertently putting their employer at risk of fraud. All it takes is for a hacker to get hold of a username and password and within minutes they will be able to access email accounts and impersonate workers in an effort to commit widespread fraud, so it’s vital companies invest in the latest cyber security systems to ensure fraudsters are locked out of the business at all times.”

Last month a warning was issued over a similar scam using Facebook sponsored posts to promote a ‘Free 4K TV’ from Tesco.

blog comments powered by Disqus