It’s April Fool’s Day! Playing pranks on friends and loved ones can be fun, but being deceived by scammers is definitely not — and it might end up costing you an arm and a leg!
This week we’ve found a large number of scams that you need to watch out for, including ones relating to Ray-Ban, T-Mobile, Amazon, the IRS, the Open Society Foundations, as well as a sextortion email scam. Would you have been able to spot all the scams?
Online Shopping Scam — Ray-Ban Sales
“Ray-Ban/Oakley/Costa Sunglasses Up To 90% Off!” Is that another April Fool’s Day joke?
We’ve seen fake Ray-Ban sales campaigns several times before, and now the online shopping scams have resurfaced via email:
Luring you in with too-good-to-be-true deals, scammers prompt you to click on the attached link in the spam email. The link will take you to a fake Ray-Ban website:
Fake Ray-Ban websites: www.zdcrb[.]com / www.zxxrb[.]com
The prices of the products on this website are all extremely low — again, if it seems too-good-to-be-true, it’s a SCAM! Every penny spent here will end up in the scammers’ hands, and they will even be able to directly access your credit card information. Watch out!
Note: Always pay close attention to the URLs of websites. The URL for the legitimate Ray-Ban website is www.ray-ban.com. Don’t get scammed!
For more tips on spotting fake online shops, check out this article.
Browse the web safely with Trend Micro ScamCheck (it’s free!)
ScamCheck is an all-in-one browser extension for detecting scams, phishing attacks, malware, and dangerous links – and it’s FREE!
After you’ve pinned ScamCheck, it will block dangerous sites automatically! It’s available on Safari, Google Chrome, and Microsoft Edge.
Check out this page for more information on ScamCheck.
Phishing Scams
Phishing scams are one of the most commonly used tactics by scammers. Conventionally, while impersonating famous brands, they send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies.
In such phishing schemes, the links lead to online survey pages that state you can claim a gift by filling out a questionnaire. After you complete the questionnaire, you are prompted to enter credit card details before your “gift” can be delivered.
The scammers’ ultimate goal is to steal your personal information — they’ll record everything you enter on their fake pages and use it to commit cybercrimes: e.g., hack into your bank account or steal your identity! Here are a few examples:
T-Mobile
T-Mobile is one of the most commonly impersonated brands. In the recent T0Mobile phishing scams, scammers “promise” you a free iPad to trick you into clicking on the attached phishing link:
- GREAT NEWS: phn# 9512820784 earned a free Apple-lPad from your CARRIER. Get it TODAY. Limited Supplies. <URL> STOP2END
The link will take you to an online survey page that collects all the sensitive credentials you submit.
With them, scammers can commit any number of cybercrimes. For example, they could use the credit card information you enter to hack into your bank account and withdraw your money, or even use your personal information to commit identity theft. Don’t let them!
Amazon Gift Card Scams
These latest Amazon gift card and rewards scams have been spreading like crazy via text message. Here’s one example of what the rewards scams look like:
- RAW, someone from wants to send you an Amazon gift card as a present. Please claim your $1000 AMAZON GIFT CARD NOW!!! <URL>
Once you click on the link, it will lead you to a malicious site that is designed to trick you into entering your personal information — don’t fall for it!
Besides directing you to online survey pages, the links, in other instances, take you to fake log-in pages that appear to belong to various brands. These pages require you to submit log-in credentials to download a software update, change account settings, or whatever other tasks the scammers have asked you to complete:
Amazon Prime Login Scam
We’ve reported on Amazon Prime phishing scams many times. Falsely claiming that there’s an issue with your Amazon Prime account, scammers try very hard to make you click on the attached link to update your account information:
- we were unable to charge your prime access. visit {URL} to keep your access.
- your amazonprime cannot be charged. please revise your card at {URL} to keep your amazonprime access.
- -amazonprime- we have been unable to process your last payment, please visit: {URL} to update your payment information.
Again, the links will take you to a website designed to steal your personal information. Watch out!
IRS Tax Scams
As the end of the 2022 tax season is approaching, scammers haven’t stopped trying to exploit people by creating fake tax refund websites that look very similar to the legitimate IRS site. In the first 3 months of 2022, we detected over 140 thousand bogus tax refund websites. Below is an example:
To get you on these scam websites, scammers will send you text messages or emails that instruct you to file your taxes, claim refunds, or complete other tasks via the attached links. Once you’re on these fake IRS pages, you run the risk of exposing personal details such as your home address, date of birth, and Individual Taxpayer Identification Number (ITIN).
Other Email Scams
Bitcoin Sextortion Scam
Once in a while, you might receive an email in which someone who calls themselves a “hacker” says that they’ve spied on you and gained access to your computer, threatening to expose something they’ve secretly recorded (most of the time private videos) unless you pay them in bitcoin. Don’t panic. Don’t send the cryptocurrency. It’s a scam! Please just ignore the email and delete it!
Windfall Scam — Open Society Foundations
Who doesn’t like free money? But we all know it doesn’t exist, so if you receive an email that says you can get huge amounts of money at no cost, just ignore and delete it! Recently, we detected many scam emails entitled “Financial Gift” in which scammers falsely claim they are giving you “free-will financial donations”. If you take the bait, you have to reply to the email and provide further personal information to scammers — you already know what will happen! Be careful!
How to Protect Yourself
- Double-check the sender’s mobile number/email address.
- Shop only on legitimate shopping websites and platforms.
- Free gifts or prizes are always a major red flag.
- Always go to the official website/application instead of using links from unknown sources.
- Use Trend Micro ScamCheck to surf the web safely (it’s free!).
- Add an extra layer of protection to your device with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.