- Index hide
They steal brand identity from Mercado Libre and promote a face page on networks.
Ads are posted on YouTube and Facebook to promote the fake website.
They alert users by design almost identical to that of the brand that is used to scam.
A website with a design similar to that of Mercado Libre is promoted on social networks in order to impersonate the Argentine brand and play with the loyalty of its buyers.
It was ESET who found the scam medium and analyzed the modus operandi of the web, which is presumed to steal sensitive data from users, such as those registered on a credit card. The company dedicated to the proactive detection of threats disclosed the risks that this represents for Internet users, since only in the last quarter of 2021 fraudulent websites grew by 3 percent, including those posing as platforms of Prestige eCommerce.
The Mercado Libre Fake, how to detect it?
According to ESET’s mapping, this website tries to supplant the identity of the Latin American brand, since it also uses the logo of Mercado Pago, the associated payment platform; however, the domain name is not related to the official company, so it is possible to detect that it is a hoax just by looking at the URL.
Although so far it has been observed that this site was linked to campaigns directed at Colombia, the detection managed to show its use in countries like Brazil, as well as the option in its design to “select the country of operation” by places like Argentina, Chile or Mexico, so it is likely that it also circulates in our country.
“These ads promote great deals on expensive products like TVs, computers and cell phones, motorcycles, etc., which should be a second red flag (in addition to the domain) for the user: the prices are too good to be ignored. real. For example, a user of Reddit commented that he came to the site for an offer of an electric scooter for only 160,000 Colombian pesos, the equivalent of 42 US dollars”, explains Martina López, Computer Security Researcher at ESET Latin America.
Cybercriminals, they limit, promote deception through platform advertisements, such as Facebook and YouTube.
Although the design of the web page includes elements similar to the real Mercado Libre site, which increases the possibility of a victim falling into the trap, since it has products with complete descriptions, attractive photos, selection buttons for currencies, country , languages and many more.
However, the site is indexed by Google search engines, which makes it appear in the requests of Internet users when searching for a specific article, throwing the false promotion among the results.
How is the attack carried out?
The mega offers offered by the fake page are a reference to think that something is wrong, but it is when the victim clicks on the purchase option and is directed to a page that simulates the eCommerce checkout when the scam is executed.
It is at this moment that the fraudsters request financial personal data as if it were a regulated online purchase, where the payment is made and the shipment is agreed.
According to ESET, this type of data could be used for phishing or fraud attacks, or sold on underground markets on the dark web for a few cents.
Once this information is attached, and having shared the card number and bank security code, the victim sees the discount reflected in their account, but never receives the product.
According to the information provided by the WhoIs service, which registers domain administration on the Internet, this website was registered during December 2021 with a service from China, far from the area where its ads are directed.
“ESET recommend paying special attention to any advertising that offers products or services at a very good price, or even free, since there is no guarantee that the offer is true. Also, it is important to check the links of the sites you enter, to make sure that it is really the site you want to enter and not a fake one, ”he says in a statement.
Now read:
I’m Mirrey takes a “village bath” and learns to prepare gorditas in a street stall
Mexico, a country full of poor, but with great billionaires
“Documentary of Bodega Aurrerá”; That’s how they made fun of Epigmenio Ibarra’s “spot”