Fraudsters Exploit Trump’s Digital Trading Cards Trend for Phishing Attacks – How to Spot

Donald Trump’s Digital Trading Cards: A New Target for Cybercriminals

Former President Donald Trump's digital trading cards have captivated collectors with promises of exclusive digital assets and real-life experiences, such as owning a piece of his debate suit or attending a Gala Dinner with him.

Launched under the domain ‘collecttrumpcards.com’, these cards have attracted considerable attention.

However, this surge in popularity has also drawn the interest of cybercriminals who are exploiting the trend to launch phishing attacks.

Phishing Schemes: The Rise of Fake Domains

Cybercriminals are leveraging the excitement around Trump’s digital trading cards to deceive users into revealing sensitive information.

Veriti, a cybersecurity firm, has identified several phishing tactics aimed at tricking users.

Malicious actors have created fake domains that closely resemble the official website.

For instance, ‘trumpdigitaltradingcards/.xyz’ mimics the legitimate URL, ‘collecttrumpcards/.com’, with subtle alterations to deceive users.

The website with the ‘xyz’ extension is a scam.

Another deceptive domain, ‘collecttrunpcards/.com’, replaces the "M" in "Trump" with an "N" to mislead individuals into believing it is affiliated with the official site.

These fake domains are designed to harvest users' financial details, login credentials, and personal information.

Veriti notes,

"Attackers are leveraging the popularity of these trading cards to exploit users’ curiosity and desire to acquire them."

Traditional Phishing Tactics: Email Scams and Typosquatting

The phishing attacks extend beyond fake websites.

Cybercriminals are employing traditional tactics such as email phishing and domain typosquatting.

Users receive emails that appear to be from credible sources, promoting limited-time offers on Trump’s digital cards.

These emails contain links to phishing sites, where victims may inadvertently provide sensitive data.

Domain typosquatting is another method used to deceive users.

By registering domains that closely resemble the official website, attackers create confusion.

Examples include:

• colectrumpcards/.com
• collecttrumcards/.com

These domains are similar enough to the official site to trick users who may not notice the differences.

Trump's Name Used to Lure Cybercriminals in Multiple Scams

This isn’t the first time Trump has been used as a lure for cybercriminal activity.

In July 2024, scammers set up fake websites to steal donations from his supporters.

Additionally, hackers exploited a fake assassination story involving Trump to steal cryptocurrency.

In January 2021, a phishing video link associated with Trump’s election campaign distributed QNode RAT malware.

Protecting Yourself from Phishing Attacks

To safeguard against these phishing scams, users should adopt several precautionary measures:

• Be wary of unsolicited emails about Trump digital trading cards — type the URL manually to avoid scams.

• Verify URLs carefully before entering personal info — phishing sites often use subtle spelling tricks.

• Look for HTTPS to ensure a secure connection, adding an extra layer of safety to your browsing.

• Stay updated with Coinlive.com for the latest on cybersecurity and online scams to better protect yourself from new phishing threats.

By staying vigilant and informed about the latest phishing tactics, collectors and supporters can protect themselves from falling victim to these increasingly sophisticated scams.