HQ/EMEAFind out how we can help your business
After completing an offer on a site that impersonates Flipper Devices, a new scam campaign lures users with free Flipper Zero devices.
The product used for ongoing scams is a portable multi-functional cybersecurity tool that aids hacking enthusiasts and pen-testers. The device enables researchers to experiment with various hardware by supporting RFID emulation, radio communication, infrared, NFC, digital access key cloning, and Bluetooth, among others.
Hackers and researchers became interested in the tool after the first operators demonstrated a trial run of its capabilities during its initial launch. Hence, scammers have ridden the hype train about the new product to catch unknowing customers that want to acquire the device.
Scammers promote free Flipper Zero devices on seemingly legitimate sites.
Earlier this month, a researcher noticed a website that promotes a free Flipper Zero device on social media and Reddit by filling out an offer.
The website mimicked the legitimate website of Flipper Zero, including its ‘Copyright’, ‘All Rights Reserved’ statement, and its ‘Terms of Use and Privacy Pages.’
However, the researchers noticed that all other links within the page redirect to offers hosted on a notorious platform for hosting browser notification scams, surveys, uncommon affiliate sites, and sketchy browse search extensions.
Site visitors may receive the device after accomplishing an offer. Still, a security researcher claimed that many of the proposals from these shady websites are fake and only used the forms to harvest personal data. The confirmed details included in the offer are names, addresses and email addresses, which threat actors could use for future phishing scams and other malicious campaigns.
On the other hand, the official Flipper Devices management said they do not have ties with the websites offering their products for free. Furthermore, they are working with authorities to shut down such websites to protect their customers.
Unfortunately, the website remains active; hence, users must only visit the legitimate website of Flipper Zero to acquire the device. Cybersecurity experts believe that scammers and threat actors will continue exploiting the device since it has so much traction to gain an advantage or data for future operations.
