Recently, an advertisement for a Commonwealth government scholarship targeting students has been popular online. It has been spreading mainly through the WhatsApp Messenger application, masked behind a shortened “bit.ly” link.
Case study: https://fullscholarsintel.online
Because the campaign is so widespread, it has definitely had many people, especially students, falling for it. The scholarship promises various benefits, as shown in the image below; the “unlimited work permit” for a scholarship definitely caught my eye.
This is an example of a phishing attempt, where we are tricked into giving out personal information such as our name, email address and the university program we are enrolled in.
Tempting benefits like full tuition payment and full free medical cover are added to make the offer more attractive to a victim. Whether an account takeover follows will depend on the harvester’s intention in collecting your personal information. If the attacker takes over the email account, which is often the hub for most password reset links, the accounts linked to the same email address will be lost. Poor password practices make the account takeover even easier.
We cover proper password hygiene in this article.
Spotting the indicators of the phishing attempt
Let us now look at ways of spotting such phishing attempts easily by looking at the various “red flags” in this particular scam, and at where to go and query if you are unsure of the legitimacy of a website. The following are identifiers (specific to this scholarship scam) that anyone could easily spot, without employing any technical skills, to identify a phishing attempt.
1. The link in question uses a domain different from those of the claimed universities. The webpage also does not include any references or links to the three universities listed.
2. The links to social media do not redirect to any social media page associated with the Commonwealth government scholarship. At the bottom of the website, there are social media icons that should redirect a user to their respective social media accounts, but all that clicking on them does is redirect to another site (www.user-shield-check.com).
3. The requirement to share the “scholarship” advertisement with friends and groups via WhatsApp. The final prompt after filling in the personal information is to share the information with 15 friends, failing which the applicant would not get the “visa form”.
This model is similar to phishing campaigns that require one to spread the “opportunity” (usually cash offers) to a given number of friends or groups, usually 15. (What is it with the choice of the number 15, by the way?)
The fact that the blue bar (shown below) becomes full just by clicking on “invite friends/groups” a number of times should be another indication that this is a scam. (Note the Twitter verified badge, added to make it look legitimate.)
4. Finally, the numerous spelling errors in parts of the Commonwealth scholarship application page. There is also the option to choose “African” as a nationality. It is important to note that not all websites with misspellings are malicious, but if you come across one, please be alert.
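Indicators 1 and 2 can also be checked mechanically on a saved copy of a page. The following is an added example, not part of the original case study: the university domains are placeholders, the list of social media hosts is an assumption, the sample HTML is constructed, and so is the convention that social icons carry a "social" class.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts a genuine social media icon would point to.
SOCIAL_HOSTS = {"facebook.com", "twitter.com", "instagram.com", "linkedin.com"}

def host_matches(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collects (href, class attribute) for every <a> tag in a page."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            a = dict(attrs)
            if a.get("href"):
                self.links.append((a["href"], a.get("class") or ""))

def check_page(page_url, html, claimed_domains):
    """Return red flags for indicator 1 (domain) and indicator 2 (social links)."""
    flags = []
    page_host = urlparse(page_url).hostname or ""
    if not any(host_matches(page_host, d) for d in claimed_domains):
        flags.append("page-domain-not-claimed-institution")
    parser = LinkCollector()
    parser.feed(html)
    # Relative links have no hostname, so they resolve to the page's own host.
    hosts = [(urlparse(h).hostname or page_host, cls) for h, cls in parser.links]
    if not any(host_matches(h, d) for h, _ in hosts for d in claimed_domains):
        flags.append("no-links-to-claimed-institutions")
    for h, cls in hosts:
        if "social" in cls and not any(host_matches(h, s) for s in SOCIAL_HOSTS):
            flags.append("social-icon-goes-to:" + h)
    return flags

# Constructed sample page modelled on the behaviour described above.
SAMPLE_HTML = """
<a class="social fb" href="http://www.user-shield-check.com/">f</a>
<a class="social tw" href="http://www.user-shield-check.com/">t</a>
<a href="/apply">Apply now</a>
"""
# Placeholder domains standing in for the universities the page names.
CLAIMED = ["university-one.example", "university-two.example"]
FLAGS = check_page("https://fullscholarsintel.online", SAMPLE_HTML, CLAIMED)
```

An empty result does not prove a page is legitimate; it only means these two indicators did not fire.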
What to do if you suspect a site might be malicious
In this instance of the Commonwealth government scholarship application, the best action to take would be to visit the official website of the institution offering the scholarship and browse to their scholarships page to see if they are offering the advertised scholarship.
However, not all phishing campaigns are as lazily implemented as our case study here. Carefully crafted phishing campaigns will need more technical analysis to spot them. For websites that do not have a confirmation option like the one above, please submit the website link to verify.cyberspace.co.ke. The free platform will help you identify whether a site is malicious or not. If you know of a malicious website, share it with us as well so that others don’t fall victim to the same.
Let’s continue keeping the Kenyan cyberspace safe. See you in the next article.