SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Nvidia joins the list of brands favoured by fraudsters
Wed, 20th Jul 2022
FYI, this story is more than a year old

New malicious activity discovered by Kaspersky has found the attackers were hidden behind technology company, Nvidia. These attackers launched a fraudulent website to commemorate the company's 30th anniversary, which welcomed visitors to participate in a 50-thousand bitcoin giveaway. The scammers had made a mistake though, using the Nvidia logo in an incorrect violet colour, when it is originally green.

To reach a specific community, scammers often act under the guise of well-known companies, Kaspersky says.

The page contains a “Participate” button which, once clicked, takes the visitor to a page with detailed information on the giveaway – it is, however, full of spelling errors, which is unacceptable for a reputable company such as Nvidia. The page encourages potential victims to donate prior to entering the giveaway, and includes an image of Jensen Huang, the Nvidia CEO. Successful participants are told they can double their donation or even hit the ‘jackpot'– 50 thousand bitcoins. The page includes crypto wallet credentials for users to send their ‘donation'.

The scammers' wallet can be checked on, however, the total account balance is 0.42 BTC (8 495 USD) – far less than the 50 thousand bitcoins advertised. It is unsure whether the amount in there has been formed by donations or not, but several transactions from unknown senders can be tracked in the account history.

“Crypto scams that involve images of celebrities, or power brands, become trendy these days. We've witnessed campaigns with Elon Musk, Bill Gates, and Pavel Durov," says Olga Svistunova, a security expert at Kaspersky.

"This time the attackers went further, launching fraudulent activity on behalf of Nvidia's CEO and connecting it to a very special occasion for the company," she says.

"Our primary advice is to carefully check all the links you follow while surfing the net, and avoid donating to untrustworthy initiatives."

To avoid scams, save money and keep personal data private, Kaspersky experts share the following simple tips:

  • Check any links before clicking. Hover over them to preview the URL and look for misspellings or any other irregularities.
  • Sometimes fake websites look just like real ones. It depends on how well the criminals did their homework. Hyperlinks are the most likely to be incorrect — often containing spelling mistakes — but these links can also be disguised to look valid and redirect you to a different page, impersonating the legitimate site.
  • To protect your data and finances, it is good practice to make sure the online checkout and payment page is secure. You'll know it is if the web page's URL begins with HTTPS instead of the usual HTTP; an icon of a lock will also typically appear beside the URL and the address bar, showing in green on some browsers. If you don't see these features, do not proceed. 
  • Use a trusted security solution that can help check the security of the URL that you're visiting, and can also provide the ability to open any site in a protected container to prevent theft of sensitive data, including financial details.