This week, we’ve found lots of phishing scams in which scammers are impersonating trusted brands, including PayPal, Apple, USPS, Walmart, and MORE. Would you have been able to spot all these scams?
Back-to-School Shopping Scam
It’s August already, and most students (and parents) are counting down the days before back to school! You’re probably preparing for it, and plan to buy some back-to-school supplies online. But watch out because scammers are posing as online sellers and spreading links to scam websites via promotional texts:
- XXXXX: Boost productivity with back to school deals! Save up to $448 on purifiers + 10% off filters <URL> Text STOP to opt-out
- XXXXX Bags: Level up their bag game this back to school with our iconic kids’ best sellers. These classics are the real deal – tried, true, and seriously the best of the best. 🚀 Shop now: <URL> Text STOP to opt-out
Most commonly, these shops are not long-established, publicly known brands, and there is no guarantee when it comes to disputes or refunds.
There could also be privacy risks — any personally identifiable information (PII) you submit could be leaked and used for scammers’ own good, e.g., credit card details, delivery information, and more. With your PII, scammers can commit a large number of cybercrimes. For example, they could hack into your account or commit identity theft. Don’t let them!
Protect Your Identity from Scams for FREE
The truth is, there are lots of scams and scam sites on the internet and they’re getting even more difficult to detect with common sense alone. For an easy and reliable method of detecting and avoiding scam sites, check out our free browser extension (Trend Micro ID Protection ) and free mobile app (ScamCheck).
Both ID Protection and ScamCheck can protect you against scams, phishing links, dangerous websites, and lots more! If you come across something dangerous online, you’ll be alerted in real time so you’ll know to stay well clear.
Phishing Attempts
Besides fake shopping sites, scammers also love to use phishing links to try to trick you. Again, impersonating trusted brands or organizations, scammers spread phishing links via text messages or emails with various excuses to try to get you to click. These links will take you to phishing pages designed to steal PII. Below are some examples.
Fake PayPal Security Emails
Scammers will commonly falsely claim you have some security issues with your account and prompt you to use the attached link to do the verification. For instance, scammers pretend to be PayPal and try to convince you to confirm your account via the phishing link:
The links will lead to a fake PayPal page that can record all your PayPal login credentials. If you were to ever fall for it, scammers could gain access to your PayPal account. Be careful!
Shipping Phishing Scams
Have you seen any of these fake websites impersonating delivery companies?
#1 – USPS
We’ve written about fake USPS tracking pages many times. Disguised as USPS, scammers want you to “update delivery details” via these fake pages while they record your PII:
The key safety tip is to take a close look at the web address: is it legitimate (usps.com)? Below are some of the fake USPS URLs we’ve seen over the last week (don’t click!):
- Usps[.]revepost[.]com
- Usps[.]postreve[.]com
- Usps[.]stampreceive[.]com
- Usps[.]stamppos[.]com
- Usps[.]postreceive[.]com
- usrepack-usps[.]top
#2 – Australia Post
Scammers have also been posing as Australia Post (AU Post) and sending fake links via text message — trying to trick you into thinking that your delivery is unsuccessful.
- Delivery unsuccessful. Update address details at <URL> for smooth delivery. Your assistance is appreciated. Thank you for understanding.
The link will take you to a fake AU Post delivery page, of course. From here, you could end up exposing your credit card details as well as other PII. Watch out!
#3 – TrackBox
Such fake delivery notifications also often come in as emails, but the tricks are similar. Don’t click on anything!
Fake Online Survey Pages
On top of fake login pages, scammers also often try to lure you with free gifts. In such phishing attempts, posing as big brands, scammers guarantee you rewards and invite you to finish some “online survey.”
#1 – Apple
Fill out a survey to win a $100 Apple reward? That sounds too good to be true! The embedded button will take you to a fake Apple survey page where you’ll be asked to provide lots of PII. Don’t fall for the scam!
#2 – Walmart
Walmart is one of the most impersonated brands as well. Don’t trust it when a random text says you’ve won a TV!
- Karen, we have made multiple attempts to contact you regarding your uncollected TV. Please visit the link for more information: <URL> Reply STOP to unsubscribe
Again, the link takes you to a fake Walmart page that requires your personal data toward the end.
There will be NO gifts, and your PII will end up in scammers’ hands. Don’t let that happen!
Tips to Stay Safe Online
- Double-check the sender’s mobile number and email address. Even if it seems legitimate, think twice before you take any action.
- Only use official websites and apps. Never click on dubious links!
- If you’ve accidentally revealed your PII somewhere, change your passwords immediately and inform your bank and/or other companies that scammers may contact them pretending to be you.
- Check if any of your PII has been leaked and secure your social media accounts using Trend Micro ID Protection.
- Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.
If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.