Hackers spoof Homebase CEO Damian McGloughlin in ‘£500 golden envelope scam’
Cyber criminals pretend to be Homebase CEO Damian McGloughlin in free gift voucher scam targetting shoppers online this Christmas
Christmas shoppers are being targeted by a sophisticated social media scam, purporting to be from the Homebase CEO Damian McGloughlin offering a ‘free golden envelope containing £500’.
Researchers at the Parliament Street think tank’s cyber team uncovered the scam and issued a public warning on Wednesday 2nd of November via the group’s social media channels. The scam, the core page of which is still live on Facebook, with CEO golden envelope posts now taken down, begins with a message from man with pierced ears and a short white ‘soul patch’ beard, clutching golden envelopes containing Homebase-branded literature.
The man does not resemble the company’s current CEO Damian McGloughlin, and yet includes the following message: “Hello everyone, we have a Christmas surprise for you all! I’m Damian McGloughlin, CEO of Homebase and on November 28th I’ll be giving these 25 golden envelopes away to 25 people who share and comment. Each golden envelope contains £500 to spend at Homebase.” Users are requested to share and like the posts with a chance to win prizes, in exchange for handing over their bank details.
The latest posts include offers for a free Homebase kitchen. The dodgy Facebook page, which has been live for several days, has so far attracted over 4,000 likes and hundreds of comments from shoppers seeking to win the free gifts.
Cyber expert Andy Harcup, VP, Absolute Software comments: “With the festive shopping season in full swing, it’s no surprise that fraudsters are looking for new ways to take control of consumers’ confidential Personal Financial Information (PFI) and Personal Individual Information (PII). According to Absolute, there has been a 104% increase in sensitive data being stored on employer-issued laptops since the pandemic began.
Harcup continued, "With 60% of the UK’s adult population currently working from home during the Coronavirus lockdown, bad actors could nefariously access endpoints, turn off security controls, thereby creating wide-spread access to sensitive data and wreak havoc on organisations during the holiday season. Tackling this problem requires company security teams to ensure endpoints are equipped with critical capabilities, including Endpoint Resilience to protect devices from malicious attacks.”
We are wholly dependent on the kindness of our readers for our continued work. We thank you in advance for any support you can offer.