This week we’ve found a large number of scams that you need to watch out for, including ones relating to Lululemon, Zales, Kay Jewelers, T-Mobile, DHL, Capital One, and Microsoft. Would you have been able to spot all the scams?
Halloween Shopping Scams
Are you celebrating Halloween this weekend? Many online shops have been promoting their Halloween sales campaigns using text messages, but are you sure all the links are safe? We’ve found that scammers are sending out links to websites impersonating well-known online shops. Below are some examples:
#1 – Lululemon
- [Lululemon Halloween Sale] Lululemon Today Enjoy 70% Off! 39.9$ Shop Now {URL} Reply stop unsubscribe
Here’s what the fake shopping page looks like. Can you spot what’s different between it and the legitimate one? (The web address should be shop.lululemon.com)
Fake Lululemon site
Real Lululemon site
Don’t shop on FAKE sites! There will be problems. For example, you’ll likely never receive the goods or they will fail to meet your expectations. In the worst case, you could end up exposing your credit card credentials!
Below are two more examples:
#2 – Zales
- [ZALES Halloween Sale]ZALES Today Enjoy 70% Off! 39$ Shop Now {URL} Reply stop unsubscribe +13134990374
- [Halloween Sale Starts Now] Zales’s – Unlock Exclusive Min 75% Off. Take $5 Off Above $50. See All {URL} Reply STOP to Opt Out
Fake Zales site
Real Zales site
#3 – Kay Jewelers
- [KAY Halloween Sale]KAY Today Enjoy 70% Off! 39$ Shop Now <URL> Reply stop unsubscribe +14582122948
Fake Kay Site
Real Kay site
Shop Online Safely using Trend Micro Check
Trend Micro Check is a browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!
After you’ve pinned the Trend Micro Check extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).
You can also download the Trend Micro Check mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).
Check out this page for more information on Trend Micro Check.
Phishing Scams
Impersonating famous brands and companies, scammers send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies.
These phishing links will often lead to online survey pages that state you can claim a gift by filling out an online questionnaire. Scammers can record the data you enter onto these pages and use it to commit crimes such as identity theft.
T-Mobile Survey Scam
T-Mobile is often the victim of impersonation in phishing scams. This time, scammers falsely claim that you can win $100 by completing an online survey via the attached phishing link:
- T-mobile, We REWARD loyaity! Please give us your Feedback & Enjoy $100 0n Us. <URL>
The website the link leads to says that you can get a “limited-time offer” on a Smeg kettle after you complete the survey. After that, you will be asked to enter personal information, including even credit card details:
Warning: Scammers can collect any credentials you submit on the phishing page! With your data, scammers can commit cybercrimes: e.g., hack into your accounts or steal your identity. Don’t let them!
Besides survey pages, phishing links will also often take you to fake login pages that will end up asking you for your personal information and/or login credentials.
Package Delivery Scam
Posing as a delivery company, scammers send a fake delivery notification to you via text message or email. They claim that you have missed the delivery of a package or you have to pay a delivery fee to get the package. The notifications always contain a phishing link that the scammers want you to click on or instructions for you to reply to them with personal information:
#1 – Fake DHL Email
#2 – SMS Delivery Notification
- delivery for +64210686436: Can you please confirm if this stuck deIivery belongs to you? <URL>
Fake Security Alert
#1 – Capital One
Impersonating Capital One, scammers send you a fake alert that says there are security issues with your account. Then they prompt you to click on the attached link to verify and secure your account:
The link will take you to a fake Capital One login page. It looks identical to the legitimate one. Please be careful! (Note: Check the web address; it should always end with capitalone.com)
Fake Capital One login page
Real Capital One login page
#2 – Microsoft
Scammers also impersonate mail service providers and web hosting companies such as cPanel to send you bogus security notifications via email:
The button here leads to a fake Microsoft login page. Remember, DON’T enter anything!
How to Stay Safe from Scams
- Pay close attention to URLs — are they legitimate?
- Double-check the sender’s mobile number/email address.
- Free gifts and prizes are always a major red flag.
- Go to the official website/application instead of using links from unknown sources.
- Never click on links or attachments from unknown sources. Use Trend Micro Check to surf the web safely (it’s free!).
- Add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection can help you combat scams and cyberattacks. Click the button below to give it a try:
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected. Also, please consider clicking the LIKE button below.