As the popularity of collectible cards continues to rise—whether it’s Pokémon, NBA, NFL, or Star Wars—cyber attackers have found a new target: digital trading cards. Recently, Donald Trump announced his own digital trading card series, sparking excitement among collectors and supporters alike. However, as with any popular online trend, malicious actors are quick to exploit the opportunity, creating phishing sites and fake domains to deceive unsuspecting victims. 

The Veriti research team discovered how cybercriminals are using the hype around Trump’s digital trading cards to lure users into phishing traps and what you can do to protect yourself from these scams. 

Trump’s Digital Trading Cards: A New Collectible Craze 

In recent weeks, former President Donald Trump announced the release of his digital trading cards under the domain collecttrumpcards.com. These cards offer various incentives, from exclusive digital assets to real-life experiences. For example, purchasing 15 cards could get you a piece of his debate suit, while buying 75 or more may earn you a Gala Dinner with the former President. The announcement created significant buzz among collectors and political supporters, driving traffic to the official site. 

However, as we’ve seen time and again, cyber attackers are quick to capitalize on such trends. 

The Phishing Threat: Fake Domains and Scams 

Attackers often use social engineering and trending topics to trick users into revealing sensitive information or handing over money. In the case of Trump’s digital trading cards, multiple phishing domains have appeared, all designed to deceive users into believing they are interacting with the official site. 

For example, a fake domain such as trumpdigitaltradingcards/.xyz has emerged, mimicking the official URL but with subtle differences. These phishing sites aim to collect users’ financial information, login credentials, and even personal identification details. 

In another instance, even political opponents are taking advantage of this tactic. A fake site from the Democratic Party surfaced under the domain collecttrunpcards/.com (with an “N” replacing the “M” in “Trump”), showing how widespread and varied the attack vectors have become. 

Common Phishing Tactics in the Digital Trading Card Space 

Attackers are not only setting up fake domains but are also using traditional phishing tactics to lure in victims. Some examples include: 

• Email Phishing: Users receive emails that appear to be from legitimate sources, promoting limited-time offers on Trump’s digital cards. These emails often contain malicious links that lead to phishing websites. 

• Domain Typosquatting: As mentioned, attackers use similar-sounding domains to trick users. Examples include: 

• colectrumpcards/.com 

• collecttrumcards/.com 

These domains look similar enough to the official URL that users may not notice the subtle differences, making them easy targets for phishing attacks. 

Tips for Avoiding Phishing Scams 

As with any online trend, it’s important to stay vigilant and avoid falling victim to phishing scams. Here are some tips to help protect yourself: 

1. Double-check URLs: Always verify the domain name before entering any personal information. Phishing sites often use slight variations in spelling, such as replacing letters or adding extra characters to fool users. 

2. Be cautious of unsolicited emails: If you receive an email promoting Trump digital trading cards, be wary of any links. Instead of clicking directly on the link, navigate to the official website by typing in the URL manually. 

3. Look for HTTPS: When visiting any website, ensure it uses a secure connection (HTTPS). While this doesn’t guarantee that the site is legitimate, it adds a layer of security to your browsing experience. 

4. Stay informed: Cyber attackers often target trending topics. By staying aware of the latest online threats, you can better protect yourself from falling victim to phishing scams. 

As digital collectibles gain popularity, so too do the threats associated with them. Attackers are quick to exploit the latest trends, using phishing tactics to deceive users and steal their information. With the release of Trump’s digital trading cards, we’re already seeing a surge in phishing domains and scams aimed at capitalizing on the excitement surrounding this new collectible craze. 

The post Phishing Threats Surround Trump Digital Trading Cards: How Attackers Are Exploiting the Trend  appeared first on VERITI.

*** This is a Security Bloggers Network syndicated blog from VERITI authored by Veriti Research. Read the original post at: https://veriti.ai/blog/phishing-threats-surround-trump-digital-trading-cards-how-attackers-are-exploiting-the-trend/