Get the Millennium Falcon Lego Set for 39 CZK? Think Again!
An analysis of a fraudulent Facebook ad scam offering a fake Millennium Falcon Lego set for 39 CZK to extort sensitive personal data.
Recently, I came across another fraudulent activity; this time one of the Facebook ads caught my attention. It was the week after May 4, unofficially called Star Wars Day (based on the punchline "May the Fourth be with you"), when Facebook ads presented me with an irresistible offer to purchase the Millennium Falcon Lego set for just 39 CZK. The ad targeting was spot-on, as it specifically reached out to me as a Star Wars fan. Moreover, it mentioned the Star Wars Episode VI 40th Anniversary, which is indeed coming this year. Unfortunately, this was a scam that tried to extort sensitive personal data and credit card information from potential victims using various techniques.
The fraudulent ad contained, in addition to an obviously photoshopped introductory photo, fraudulent comments with photos, forged conversations in Czech, and staged interactions between the "people" who had supposedly taken advantage of the offer.
Forged conversations under fraudulent ad
If a potential victim clicks on the ad, they are taken to a fraudulent phishing site. The page displayed the promised LEGO set of Han Solo's Millennium Falcon ship, with accompanying text about the chance to win it. But first the user had to answer three questions to "verify" that they are a real person. Of course, there was also an urgency factor involved, with the site informing the user that the number of LEGO sets on offer was limited.
After answering the questions, the fun part began. The user is presented with an interactive game in the form of closed boxes. An information window tells the user that if they choose the correct box, they will win the coveted LEGO set at a heavily discounted price. To add to the illusion of authenticity, the scammers made sure that I won the prize on my last attempt (lucky me 😄). This is a well-thought-out move to make the victim feel special and persuade them to continue.
Cunning deception in the form of a game
After "winning" the coveted LEGO set from the box, the victim is redirected to a fraudulent order form, where they are asked to provide personal information such as name, address, email, and even phone number. This information alone can already be used by scammers in many ways, for example for further phishing attacks.
Filling out the form is not the end of the scam: in the last step, the victim is redirected to a payment gateway demanding card details. The payment gateway does indeed ask for a payment of 2 euros, not for a Millennium Falcon LEGO set, but for a three-day trial of some probably not entirely legitimate membership. If the victim reads the small grey text, they will learn that after the three-day trial expires, 69 euros will be charged to their card every 30 days. So, at best, the whole thing is an unfair practice to lure customers into a recurring subscription. Be that as it may, I don't think I would ever see my Millennium Falcon LEGO even after payment.
Fortunately, some security solution vendors label the site as illegitimate.
May the Force be with you, and remain skeptical of similar online offers that appear too good to be true.