Scammers are targeting telecoms users with “Davido Airtime and Data Giveaway” in a fraudulent promo exploiting the Nigerian artiste’s N250 million donation plan, the telecoms regulator says.
The “Davido Airtime and Data Giveaway” scam alert issued this morning by the telecoms watchdog comes amid a recent NCC advisory asking telecoms subscribers, telcos, and ISPs to beef up their cybersecurity against Lyceum, an Iranian hacking group that goes by other names like Hexane, Siamesekitten, and Spirlin.
David Adedeji Adeleke, better known by his stage name, Davido, recently announced plans to donate N250 million naira to various orphanage homes across Nigeria, following successful fundraising supported by his friends and fans.
NCC: How “Davido Airtime and Data Giveaway” Scam Works
Meanwhile, the Nigerian Communications Commission (NCC), the nation’s watchdog says it “has discovered while undertaking online social listening that an ostensibly syndicated group is on the prowl to swindle unsuspecting members of the public, particularly millions of Nigerian telecom consumers”, Dr. Ikechukwu Adinde, NCC Public Affairs Director says in a statement seen by Technology Times.
By exploiting Davido’s benevolence, Adinde says the “group of scammers rolled out an advertorial titled “Davido Airtime and Data Giveaway”, which went viral, claiming that Davido is “giving out free 5K Airtime and 10GB Internet data of All Networks” to celebrate his birthday.”
“This is a scam”, says the NCC spokesman, who explains further that “in the advertorial, the general public is urged to hurry and get the gift by clicking on the links that supposedly redirect them to network sites, where they will be credited with airtime and data.”
According to him, NCC advises Nigeria’s “teeming telecom consumers to have nothing to do with the advert or any similar bogus enticements. The adverts are what they are – social engineering rip-offs designed to get people’s MSISDN and other information that fraudsters can use later to defraud unsuspecting telecom consumers and members of the public.”
For clarity, Adinde says that “the MSISDN is simply the full phone number of a cellphone, in addition to other protocol information. This number is unique and identifies subscribers/owners in a GSM or other mobile networks. Therefore, it suffices to state that any unscrupulous person or unethical hacker can use the number and attendant protocol to undermine the privacy of the real owners of the number through identity theft and other scams.”
The telecoms regulator, Adinde adds, “reiterates its earlier warning to telecom consumers to be cautious and not to let their guards down. If a promo or an offer seems too good to be true, then it is likely untrue.”
According to Adinde, NCC “will not rest on its oars in empowering telecom consumers with the requisite information and education in order to protect them from cybercriminals determined to use the telecom platforms to perpetrate frauds.”
In the case of the Iranian hackers’ threat, NCC says that the general public and telecoms consumers take the seven under-listed steps to protect their phones and other devices:
1. Ensure the consistent use of firewalls (software, hardware, and cloud firewalls).
2. Enable a Web Application Firewall to help detect and prevent attacks coming from web applications by inspecting HTTP traffic.
3. Install Up-to-date antivirus programs to help detect and prevent a wide range of malware, trojans, and viruses, which APT hackers will use to exploit your system.
4. Implement the use of Intrusion Prevention Systems that monitor your network.
5. Create a secure sandboxing environment that allows you to open and run untrusted programs or codes without risking harm to your operating system.
6. Ensure the use of a virtual private network (VPN) to prevent an easy opportunity for APT hackers to gain initial access to your company’s network.
7. Enable spam and malware protection for your email applications, and educate your employees on how to identify potentially malicious emails.