Story image

Hitting emails and Facebook: Ray-Ban scam is back

13 Jun 16

A while ago, we informed you about a Ray-Ban scam campaign flooding Facebook via hacked profiles. Using fake ads that offered massive discounts, attackers tried to lure users into “buying” branded sunglasses, thus giving up their payment card details via an unsecured channel.

Spread mostly via posts disguised as ads for Ray-Bans, the scam also tags a small group of the intended victim’s friends. Attackers have also created a lot of bogus Facebook pages and events indirectly leading users to visit their scam stores. Other channels used to spread this hoax included communication apps such as WhatsApp, Viber, iMessage or Facebook Messenger.

Yet, it seems this hasn’t satisfied the attackers. As we have seen recently, they have reverted to an older but still very efficient way of spamming potential victims – email.

Expanding tentacles

In just the last few months, ESET’s Antispam solution has detected tens of thousands of these scam emails delivered worldwide. Some of the most affected countries have been the UK, Japan and Spain.

As shown in our previous analysis, fake sunglasses stores were often built for different countries using their respective currencies. Most of them accepted US dollars, the eurozone’s euro, British sterling, Canadian dollars and Australian dollars.

But the latest email spamming campaigns were redirecting to pages that also accepted less popular currencies such as the Brazilian real, New Zealand dollars, Swedish kronor, Danish kroner, Singapore dollar, Swiss francs, Norwegian kroner, and Czech koruna.

We would like to advise users to be extra careful and pay attention when dealing with offers promising high discounts or cheap branded goods. Browsing these web pages is not risky in itself, but proceeding to order and pay definitely is. These fake e-shops are not genuine and don’t use SSLcertificates to encrypt communications while sending credit card information. Therefore, sensitive data can be stolen and misused, or even eavesdropped upon by malicious third parties.


If you receive an email from an untrusted person with similar characteristics selling discounted goods:

·       Do not open any URL links inside the body of the email or download its attachment.

·       Report such email as spam.

In case you receive the scam ads on Facebook:

·       Do not react to any messages, tagged photos or advertisement images sent to your Facebook wall.

·       Remove a tag of yourself from any such images posted by your friends.

·       If you are the one sending or tagging friends then immediately scan your computer with up-to-date security software. If you don’t have any security software, you can use our free solution ESET Online Scanner.

Article by Lukas Stefanko, malware researcher, ESET

SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”