A targeted spam campaign in Allegro users

Once again, users using the Allegro auction portal are exposed to data extortion. Another spam message states that the user account has been suspended due to the use of it simultaneously from several IP addresses . In order to verify if the user is the owner of the account, he should immediately log in with the data from the Allegro account. However, it is better not to do it - the link placed in the e-mail redirects to a page that is not part of the Allegro website, and the antivirus software qualifies it as potentially dangerous.

The message itself is perfectly counterfeit - we get from the notification address (@) allegro.pl, and the content includes the logo and all elements usually used in contact e-mails: footer, links to the contact (which also transfer to a potentially dangerous site) and hints for users. Unfortunately, not all users can capture these small details that distinguish the fake from real messages and, as a result, go to the dangerous side.

That is why it is very important to make sure that the e-mail certainly leads to the right page. In the mail client, just hover over the link and the address of the landing page will be displayed:

We also remind you that any suspicious e-mail can be sent to Allegro for verification through the contact form - portal support can confirm whether the information in the e-mail is true. If the information turns out to be false, it should be immediately forwarded (using the "forward as an attachment" or "forward" option) to [email protected] .

Allegro on its websites constantly warns against attempts to obtain login data:

"Stay alert especially if the email in addition to the login link contains:

  • the risk of blocking the account,
  • request for confirmation of your data,
  • the threat of account deletion,
  • information about suspicious transactions in your account,
  • information about a private message,
  • inquiry about the offer you have not submitted. "

In addition, before logging in to your Allegro account, please make sure that the connection is encrypted. It's also worth getting antivirus software to check e-mails for spam and filtering websites - then even after clicking on a bad link the site will be blocked and marked as potentially dangerous.

The page from the email above does not work anymore and should not be a threat. However, every time we should be aware that even the best-looking email can be dangerous.

source: Bitdefender

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.