As this stressful year concludes, cybercriminals and fraudsters continue to take advantage of unsuspecting Internet users.  The Europe-based grocer ALDI is warning consumers about fake social media posts on Facebook promising free “Christmas food boxes.” 

 ALDI warns clicking on the Facebook post will lead consumers to a website likely to install malware on their computers.  Currently, Information Security professionals know little about the malicious payload (if any).  Equally concerning to information security professionals is the small geographic area targeted in the initial campaign.  Historically, attacks targeted towards smaller geographic areas are simply a “test run” to work out any issues before proceeding to a larger campaign. 

Although ALDI is the grocer targeted at this time, criminals likely will expand the campaign to include other retailers locally and nationally. Internet users need to be cautious when clicking on links on social media.  For instance, ALDI noted in a press release to “always be sure to look for the blue check mark (sic) by our name for authenticity.”   Use the same caution for all other retailer’s social media posts.  Remember, if the offer seems too good to be true, it probably isn’t true.  But, if the offer seems too tempting to ignore, be sure to check the retailer’s website or contact them by phone to confirm. 

Author: Bill Green