Malicious Data Harvesting Links – Fake Cash Grants

Background

The Cyber Security Authority (CSA) has taken note of malicious links in circulation purporting to provide access to a cash grant from a former President of Ghana, John Dramani Mahama.

Key Findings

  • The links are mainly distributed through social media platforms such as WhatsApp,Facebook Messenger, Instagram, and Telegram.
  • The current links in circulation include:
    - https://yournewclaims[.]com/Mahama2023/
    - https://lyupz[.]com/Mahaha-2023-Grants
  • The web page displayed after the links are clicked comes with the message: “Former President JOHN MAHAMA on Feb 1st 2023. Offer a New Grants of 2,000 GHS to individual to support all Citizens and Empower the Youths. My idea for the introduction of this is to make every individual happy and empower our Youth for business and career goals. Get Your Own 2,000 By Filling The Form Below. The JOHN MAHAMA 2,000 GHS New Grant Support for All Ghanians. Applicants are to fill the form below and click on Apply”.
  • A form titled “Mahama’s Grant Application Form” is also displayed on the webpage for interested persons to submit Personally Identifiable Information (PII).
  • The harvested PII may be used for phishing attacks and other online fraudulent activities.

Recommendation

  • The public is hereby informed to disregard the offer as the former President is not associated with these websites.
  • Always be cautious of links that are unsolicited, even if they appear to come from someone you know. Verify with the sender before clicking on any link.
  • Pay attention to the domain names for any website that claims to be associated with a high-profile personality. Contact the CSA if you need help to confirm the authenticity of links.
  • Pay attention to the content on sites you visit. Fake or malicious sites are likely to have several spelling and grammatical errors.
  • Avoid clicking on links in suspicious or unexpected messages and emails, especially those that ask you to enter personal information or login credentials.
  • Keep all your software especially antivirus up to date. This will help prevent attackers from exploiting known vulnerabilities in your software or operating system.

Contact the Cyber Security Authority

The CSA has a 24-hour Cybersecurity/Cybercrime Incident Reporting Points of Contact (PoC) for reporting cybercrimes and for seeking clarification and guidance on online links and transactions;Call or Text – 292, WhatsApp – 0501603111, Email – report@csa.gov.gh

Issued by Cyber Security Authority March 9, 2023