It’s that time of the week again! In this post, we will share some of the ongoing scams we caught this week in detail, including COVID-19 phishing text messages, giveaway scams on Discord, attachments with malware, Costco online survey phishing emails, and Amazon brushing scams. Can you spot the scams and avoid them?
COVID-19 Phishing Scam
How does it work?
Pandemic scams are nothing new to us, and they are on the rise again. Scammers pose as the government and send text messages to people, falsely claiming that they are “eligible for the COVID-19 support grant” and asking the recipients to click on a link to apply. Be aware! The link is a phishing link. Once clicked, it will take you to a website and lure you into entering your personal information such as credit card or bank account details. In worse situations, malware will start to download as soon as you click on the link.
Content:
GOV_UK: Due to the recent announcement of the national lockdown, you are eligible for the COVID-19 support grant. To proceed your application visit: Covid.hmrc-bursary[.]com
How to avoid COVID phishing scams?
- Double-check the sender’s mobile number. Numbers from abroad should be a major red flag.
- Reach out to the government agency or Her Majesty’s Revenue and Customs (HMRC) to verify the legitimacy of the text messages.
- NEVER click links or attachments from unknown sources. Check the link’s safety status first using Trend Micro Check!
You can send a screenshot directly to Trend Micro Check for immediate scam detection as well.
Giveaway Scam on Discord
How does it work?
Scammers send messages to people on Discord, falsely claiming that they are “randomly selected in the giveaway.” They tell the recipients that they can claim a prize by signing up on a site they provide and enter promo codes. What’s tricky is that scammers use the seemingly legitimate email support@vloot.io at the end of the fraudulent messages, making the giveaway campaign more promising to the recipients.
What the recipients did not know is that the website provided contains phishing links. Upon clicking, the victims will be taken to a fake game website like CSGO, and they are asked to enter personal information such as passwords, credit card numbers, or bank account details. In worse situations, malware will start to download as soon as the link is clicked.
The content of giveaway scam on Discord:
-vLoot gift- Congratulations! You have been randomly selected among users of Discord Servers, such as: BUFF.GAME, ESL CS:GO, ESEA, ITap Esports, CS.MONEY and many others… in the Giveaway! Participate with vLoot for free in daily giveaways for CS:GO, Steam Gift Cards, Steam Games & more!
You won 3 free case openings on our website. y Your promocode – X3HPP y Try your luck to win one of our great skins: AK-47 | Fire Serpent, AWP | Lightning Strike, Bayonet | Doppler, Desert Eagle | Mecha Industries, Bayonet | Safari Mesh AND MANY OTHERS!!!
How to use and get your prize?
Sign up on the site – https://vlootgift[.]site Go on Page “Codes” Activate your promocode Withdraw your wins Done! Rules Don’t give this Code to other person.Code is valid 3 days from the date of issue. A Do you have any questions about winnings? A S3 Email us – support@vloot.io or Online support on the site.
How to avoid giveaway scams?
- Random messages that you can claim rewards for free is a major red flag. Something is fishy if it appears to be too good to be true.
- Report the scam to Discord officials.
- Check the safety of web addresses using Trend Micro Check:
“PDF Attachment” Malware Scam
How does it work?
Scammers pretend to be from well-known companies such as Amazon or PayPal, spoofing emails that claimed issues about the recipients’ accounts. Furthermore, ask the recipients to download an attachment to “complete verification.” If you take a closer look, you will find that the sender’s email address is not an official one.
The attachment, which looks like a PDF file, can be a phishing site or contains malware. Once the file is clicked, malware will start to download, thus enabling the scammers to spam all your contacts with similar messages.
Content:
You can’t access your account until this process has been completed, please complete your verification now.
This is an automatic email to your account, please check your attachment.
How to avoid malware scams?
- Double check the sender’s email address.
- Reach out to the company/organization to verify the legitimacy of the text messages.
- NEVER download attachments from unknown sources. Check the link’s safety status first using Trend Micro Check!
Costco Online Survey Scam
How does it work?
Did you receive emails from Costco that asks you to do an online survey for rewards? Be careful. It’s a scam!
Scammers fake and spoof the emails, pretending to be someone from Costco. The “OK” buttons in these emails can be malicious or phishing links, which lure you into sending your personal or financial information to the scammers. Think twice before you click on the links!
Content:
–Costco Confirme— Costco Satisfaction Survey
We Want Your Opinion
Congratulations!
You have been selected to get an exclusive reward!
To qualify for this special offer, simply complete our 30-second marketing survey about your shopping experiences.
Click OK to start
How to avoid online survey scams?
Check before your next move. Copy/paste the content and send it to Trend Micro Check for immediate scam detection!
Online Shopping Brushing Scams
You might be familiar with package delivery scams during the shopping season, but what if you received something you didn’t remember ordering? Or, have you seen people talking about these mysterious packages on the internet? Be careful. Brushing scams are on the rise again!
How does it work?
The brushing scam strategy is where unfamiliar online sellers send packages to the receiver, pretending he/she ordered the goods so the sellers can use the purchase record to write positive reviews to boost their online store reputation.
This creates serious problems for the victims. As BBB suggested, the scammers can only send you packages when they have access to your personal data – e.g., Name, Account & Password, Phone Number, Home Address… etc.
How to avoid online shopping brushing scams?
- Change your passwords immediately. Check the security status of your account. If you think your account has been compromised or hacked by scammers, you might need to consider setting up new accounts for the marketplaces.
- Report the retailer/online shop to the marketplace. Contact customer service and let them investigate the issue.
- It is best not to take the package you didn’t order. However, according to the Federal Trade Commission (FTC), you have the right to keep the goods.
Did you successfully spot the scams? Remember, always CHECK before your next move.
If you think Trend Micro Check is helpful, please SHARE to protect your family and friends.
Click on the button below to try Trend Micro Check for free now: