Phishers target South Africa’s BidorBuy auction website

South African internet users should be on their guard as a wave of phishing emails have been spammed out pretending to be from the country’s largest internet auction website.

Emails intercepted by Sophos pretend to be from BidorBuy, and claim that the recipient’s account details have been stolen:

Attention! Your BidorBuy account was stolen!
This is a must to ensure that only you have access and use of your BidorBuy account and to ensure a safe BidorBuy experience.

You can well understand that people might be alarmed if they receive a message saying their account has been stolen – imagining that someone else might be purchasing goods in an online auction using their details.

Clicking on the link, however, doesn’t take you to the real BidorBuy website but instead takes you to a phishing page set up on a Russian webserver.

It’s worth everybody remembering that phishing gangs and cybercriminals don’t just target users of multinational global…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.