Cadbury cyber scam offering ‘free chocolate hampers’ in exchange for bank details on Facebook

Online scam from cyber criminals attempts to lure chocolate-loving consumers into handling over personal data in exchange for a 'free chocolate hamper' containing Cadbury confectionary

by Patrick Sullivan, Political Editor on 9 November 2020 09:45


Sweet-toothed members of the public have been warned about a new phishing scam offering a festive chocolate hamper from Cadbury in exchange for their bank details and home address.

The scheme, uncovered by the Parliament Street cyber research team, begins with a dodgy Facebook Group called ‘Cadbury Rewards’ with a message purporting to be from a Cadbury regional manager called Anna Burton.

The message, which is accompanied by an image of a woman clutching a hamper of chocolate including Twirls, Curly Wurlys and Dairy Milk bars reads:

“Hello Cadbury Fans! I’m Anna Burton, a regional manager at Cadbury UK and today I have some news that might excite you. We are going to celebrate 126 years of Cadbury today by doing something very special for you all, we will be sending one Cadbury Hamper to EVERYONE who shares and comments by 11.59pm TONIGHT. Make sure you enter here [Fake website URL].”

Victims are then directed towards a fraudulent website using Cadbury branding. It asks entrants to input their name, home address, phone number, email address and bank card details in order to be eligible.

Cadbury, which is now owned by US giant Mondelez International, was founded in 1824 in Birmingham, UK, making the confectionary giant 196 years old, not 126 years old as stated by the fake advert.

Additionally, Parliament Street researchers could find no record of ‘Anna Burton’ as a regional manager on social networking site LinkedIn or the Cadbury website.

The advert was posted on Facebook over the weekend and by Sunday 8th November had over 1,700 ‘likes’ and hundreds of comments. One Facebook user called Jayne left a comment saying “I work for the Royal Derby Hospital on a ward caring for the elderly, we are a Covid ward again, all the staff work so hard, it would be lovely to win one of these and share with the staff.”

Another called Irene said she would like the hamper to go to her elderly friend who carried on working to support patients affected by Covid, “… she’s just retired from the NHS where she has worked for 43 years… but she’s stayed on as she felt like she couldn’t go.”

Cyber security expert Andy Heather, VP, Centrify told The Commentator: “With the Christmas season fast approaching, it’s no surprise that hackers are attempting to lure lockdown-weary members of the public into handing over their bank details and passwords with the promise of chocolate hampers and tasty treats. This is the latest in a series of scams whereby social media platforms are being used to elevate awareness and spread the fraud, hijacking official branding and making use of photos and testimonials to fool victims.

Heather continued, "With millions of people now working from home and using company-issued laptops and smart phones during the pandemic, there is an increased security risk to businesses that a cyber criminal is able to imitate an employee using stolen email account credentials. We urge all members of the public to remain vigilant against these phishing attacks and always double check that an apparently sweet deal isn’t going to leave a bitter aftertaste.”

blog comments powered by Disqus