Costco, Shell, SSA, Louis Vuitton, blogdodge[.]shop, and Gmail — Top Scams & Phishing Schemes of the Week
This week we’ve found a large number of scams that you need to watch out for, including ones relating to Costco, Shell, SSA, Louis Vuitton, blogdodge[.]shop, and Gmail. Would you have been able to spot all the scams?
Online Survey Phishing
Impersonating famous brands, scammers send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies. These links will take you to online survey pages that state you can claim a gift by filling out an online questionnaire. After you complete the questionnaire, you are prompted to enter credit card details before your “gift” can be delivered. Here are some examples:
#1 – Costco Survey Scam
We’ve reported on Costco scams several times before, and they’ve been spreading throughout the US again. Posing as Costco, scammers send you texts that feature fake raffle campaigns to try to trick you:
- We are calling on all Costco shoppers to get a chance to win $25 for answering 3 questions about their shopping experience. <URL>
The pages say that you can win a prize worth up to $100 after you complete the survey:
After that, you will be asked to enter personal information, including even credit card details:
Of course, there will be no prize, and your credentials will end up in the scammers’ hands. Scammers will record everything you enter on their fake pages and use it to commit cybercrimes: e.g., hack into your account or steal your identity. Don’t let them!
Surf the web safely with Trend Micro ScamCheck
Trend Micro ScamCheck is a browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!
After you’ve pinned the ScamCheck extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).
You can also download the ScamCheck mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).
Check out this page for more information on ScamCheck.
#2 – Shell Gift Card Scam
Shell gift card scams have continued to circulate this week:
- S H E I I Msg: 8083919249 has been award’d a $500 instant vchr. Must soIicit by Midnight 8/11. Tap: <URL>
Promising you a free voucher, scammers try to trick you into completing an online survey via the phishing link:
Once again, in the end, you will be asked to provide credit card details and other personal credentials. Don’t fall for it!
Fake Login Phishing Pages
Phishing links will also often lead to fake log-in pages that appear to belong to various brands. These pages require you to submit log-in credentials to download a software update, change account settings, or whatever other tasks the scammers have asked you to complete. Here’s an example:
#1 – Social Security Administration (SSA)
We’ve seen a lot of phishing scams targeting people’s financial credentials, but please beware that your social security information is also incredibly valuable to scammers.
Scammers have started to pose as the Social Security Administration (SSA), contacting victims via text message, falsely claiming that their social security accounts could be suspended if the victims don’t follow their instructions.
- my social security account (ssa/ssi) solution: we notice an error in your monthly payments, and your account as been suspended click <URL> to review your claim and b
The attached link will take you to a fake SSA login page:
Fake SSA Login Page
Legitimate SSA Login Page
A sample fake SSA login page URL:
- mbl-systemapp[.]com/ssa-system-app
Note: Always pay close attention to web addresses. The legitimate domain of the SSA website is ssa.gov.
Scammers can access any information submitted on their phishing pages. Be careful!
#2 – Mail Server (Gmail) Phishing
We’ve previously seen a lot of bogus emails impersonating various mail servers. This week, we saw many more. Scammers use various tricks to try to get you to click on the buttons embedded in their phishing emails. For example, they will commonly say there is a security issue with your account or that you need to free up storage space.
The embedded buttons will take you to a fake log-in page that impersonates your mail server. Below is an example:
Remember, don’t enter your log-in credentials because scammers just want to hack into your account!
Online Shopping Scams
Besides phishing text messages and emails, you should also keep an eye out for fake online shopping pages. Below are two of the most currently widespread fake online shops:
#1 – Louis Vuitton
#2 – blogdodge[.]shop
This website has been searched on ScamAdviser.com over 3000 times, and its trust score was only 1 out of 100. Have you come across this fake online shop?
How to Protect Yourself
- Pay close attention to URLs.
- Double-check the sender’s mobile number/email address.
- Only shop on legitimate online shops/platforms.
- Free gifts and prizes are always a major red flag.
- Go to the official website/application instead of using links from unknown sources.
- Never click on links or attachments from unknown sources. Use Trend Micro ScamCheck to surf the web safely (it’s free!).
- Add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.