Shell, Amazon, Citizens Bank, Venmo, Netflix, USPS — Top Text & Email Phishing Scams of the Week

    Shell, Amazon, Citizens Bank, Venmo, Netflix, USPS — Top Text & Email Phishing Scams of the Week
    iStock

    This week we’ve found a large number of scams that you need to watch out for, including ones relating to Shell, Amazon, Citizens bank, Venmo, Netflix, USPS, and MORE. Would you have been able to spot all the scams?

    Phishing is one of the most commonly used tactics by scammers. Conventionally, while impersonating famous brands, they send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies.

    In such phishing schemes, the links will take you to online survey pages that state you can claim a gift by filling out an online questionnaire. After you complete the questionnaire, you are prompted to enter credit card details before your “gift” can be delivered. Here are some examples:

    Shell Gift Card Scam

    We reported on Shell gift card scams earlier this month, and this week they’ve gone viral again:

    • Celebrate FATHER’s DAY with SHEII:  YOU n 5 W0N $1,000Gas cards! expire 6/18: <URL> txtSTOP2UnSub

    Promising you a $1000 Shell gift card, scammers try to trick you into clicking on the phishing link that leads to a Shell online survey page:

    Spot the Scam_Shell_20220624_1

    In the end, you are asked to provide personal details like credit card information. Scammers can record everything you submit on this page and use it to steal your money or commit other cybercrimes such as identity theft. Don’t let them!

    Spot the Scam_Shell_20220624_2

    Surf the web safely with Trend Micro ScamCheck (it’s free!)

    Trend Micro ScamCheck is a browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!

    After you’ve pinned the ScamCheck extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).

    TMC_CTA_Extension_2022

    You can also download the ScamCheck mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).

    TMC_CTA_Mobile_2022

    Check out this page for more information on ScamCheck.

    Amazon Gift Card Scam

    Ever since Amazon announced that Amazon Prime Day will take place on July 12, we’ve spotted lots of phishing attempts related to Amazon. Promising you a free Valentine’s Day gift card, scammers try to get you to click on their phishing link:

    • Great news, Bob! You have an Amazon gift card that’s ready-to-use. Claim it here and see who it’s from. It’s a Valentine’s gift from someone special: <URL> 🎈

    The link leads to an Amazon online survey page that says you can win a PlayStation 5 after you’ve taken the survey.

    Spot the Scam_Amazon_20220624_1

    Again, don’t submit any credentials here! There will be NO PS5, and you could end up exposing your personal data.

    Spot the Scam_Amazon_20220624_2

    Online survey phishing scams are also circulating via emails. This week we’ve detected over 10,000 such phishing emails featuring fake online survey campaigns:

    Venmo Gift Card Phishing

    This is not the first time we’ve written about Venmo gift card phishing scams. Posing as Venmo, scammers trick you into joining a bogus “Loyalty Program” for the chance to win a $750 gift card via the embedded button:

    Spot the Scam_Venmo_20220624

    The button, as we’ve stressed several times, will take you to a fake online survey page that will steal whatever information you enter. Don’t get scammed!

    Netflix Reward Phishing

    Netflix is also one of the most impersonated brands for phishing attempts. “Guaranteeing” you an exclusive reward, scammers want you to click on the button and go to a phishing page and hand over personal data. Don’t fall for it!

    Spot the Scam_Netflix_20220624

    Phishing links will also often lead to fake log-in pages that appear to belong to various brands. These pages require you to submit log-in credentials to download a software update, change account settings, or whatever other tasks the scammers have asked you to complete. Here are some examples:

    Citizens Bank

    We’ve seen a lot of fake text messages impersonating banks. Falsely claiming that there are security issues with your bank account, scammers pretend to be Citizens bank and urge you to click on the attached link to verify or secure your account:

    • ctz(bnk) : your online access has been deactivated. go to {URL} and follow the on-screen instructions to update
    • ctzns : your 6 digit zelle code is 712812 if this was not requested by you follow the link below to verify details now {URL}

    The link will take you to a fake Citizens bank log-in page. Don’t submit your username or password here — scammers can thus gain control of your bank account. Be careful!

    Spot the Scam_Citizen_20220624

    Sample URLs of fake Citizens bank log-in pages:

    • identitysecure-citizenn[.]com
    • upl0qd-ctz[.]us

    USPS Delivery Phishing Email

    Fake shipping text messages and emails that appear to come from delivery companies are always popular scams. This week we detected nearly 4,000 fake USPS delivery notification emails containing phishing links:

    Spot the Scam_USPS_Email_20220624

    If you click on the button to check the details of your delivery, you will be led to this fake USPS log-in page. You already know what will happen — scammers are spying on you, and they will rob all your credentials!

    Spot the Scam_USPS_Phishing Page_20220624
    Fake USPS log-in page

    Mail Server Phishing

    Sometimes fake security alerts also come like this:

    Spot the Scam_Email Support_20220624

    Scammers lie to you, saying that you need to confirm your email address. If you do follow their instructions, you will end up on this log-in page. Remember, don’t enter your log-in credentials because scammers just want to hack into your account!

    Spot the Scam_Email Support_Webmail_20220624

    How to Protect Yourself

    • Double-check the sender’s mobile number/email address.
    • Free gifts and prizes are always a major red flag.
    • Go to the official website/application instead of using links from unknown sources.
    • Never click on links or attachments from unknown sources. Use Trend Micro ScamCheck to surf the web safely (it’s free!).
    • Add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:

    As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.

    Post a comment

    Your email address won't be shown publicly.

    0 Comments

      This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings.