Subscription Traps and Trojans
Malicious WhatsApp chain letter promises Milka giveaways: this is how it recognizes fraud attempts
A supposed contest by Milka to give away chocolate-filled Easter gift baskets is making the rounds on Whatsapp. The manufacturer Mondelez warns: This chain letter is fake.
“Milka’s Free Easter Gift Baskets – 5000 Free Gifts For You” – that’s what she says in thousands of Whatsapp chats. But what seems like the perfect competition for the Easter season unfortunately turns out to be an attempt to lure the recipient into a subscription trap and, at best, leave a Trojan behind.
Even Milka’s maker, Mondelez, warns: “In various media, consumers are often informed about fake Milka contests! These are click-baits that lead to a contest. These promotions are not from our company. Our Milka brand is stands out with these contests in any context”. They only pursue the purpose of receiving personal data to be able to contact the participants later.”
What happens when you click?
As soon as you tap on the message, it will be sent to the Russian domain “wp20.ru”. The sneaky thing about Milka’s scam: the competition doesn’t end there, you’re first asked to answer questions. The original message must then be forwarded to 20 contacts to ultimately qualify for the gift basket raffle.
Once you’ve done that, you can finally click “Complete,” and this is where it gets dangerous. As reported by the Viennese association for Internet abuse research “Mimikama”, numerous different browser windows are opened, trying to lure the suspected lottery participant into subscription traps or signal that a “cleaner update” is recommended. for smartphone.
If this malware is installed, the only way to protect against malfunctioning and rogue apps is to completely reinstall the smartphone software.
It is unclear who is behind the news and what the intentions of those behind the action are. Based on the domain, it’s reasonable to assume that they could be Russian people wreaking havoc on smartphones in numerous countries or wanting to gain access to devices and data. The campaign is not limited to Germany: complaints are also coming from Argentina and Great Britain, where a popular chocolate is advertised there, in these examples Ferrero and Cadbury.
This is how you protect yourself from fraud attempts with the alleged Milka draw
A general protection against these types of messages is hardly possible because they are mostly forwarded by friends or relatives. But you can use simple means to check if the message is genuine. Basically, you should be skeptical about forwarded messages, because most chain letters with fraudulent intent are based on it. A reputable manufacturer will not usually ask you to annoy your Whatsapp contacts.
Another important indicator is the language. Pay close attention to the wording of a supposed giveaway. Clumsy spam messages almost always contain glaring errors that are very rare in real ad campaigns. This is also the case with Milka’s chain letter. The exact wording: “Free Easter Gift Baskets” – both times the “n” doesn’t fit in this case.
Finally, if it does show up, pay close attention to the website address. In any case, a Milka contest would be held on the manufacturer’s website, ie on “Milka.de”, never on a site called “wp20.ru”. Because even if the Russian domain ending in “.ru” means nothing to you at first, “wp20” sounds like everything, but not like a chocolate maker.
If you’ve received such a chain letter and recognize it as spam, tell the sender that they may be sending a fraudulent website to their contacts; there is seldom malicious intent behind it. Chain letters from senders not in your address book should be used as an opportunity to block the sender’s number and report the process to Whatsapp. For unknown numbers, the corresponding buttons appear immediately below the received message.
Sources: Mondelez, Mimikama