This week we’ve found phishing attempts in which scammers are impersonating Coinbase, DSW, Apple, PayPal, and more. Would you have been able to spot these scams?
Phishing Scams
Posing as trusted brands, scammers send out texts and emails containing phishing links and try to trick you into clicking on them under various pretenses. These links will take you to phishing pages designed to steal your PII, such as your Social Security number, login credentials, or credit card details. With it, scammers can take control of your account, your money, as well as your identity. Below are some examples:
Fake Coinbase Withdraw Notification
Do you use Coinbase? Recently some people said that they’ve received email notifications about bank transactions they don’t recognize. Watch out – these emails are NOT legitimate!
Although the sender’s name is no-reply@coinbase.com, if you take a closer look at the sender’s email address, you will find that it’s not an official one (a genuine Coinbase email address ends with @coinbase.com).
Scammers instruct you to click on the attached link if you want to cancel the transaction; if you proceed, you will be taken to a fake Coinbase page that requires all your login credentials. They can thus hack into your account and steal your funds. Don’t let them!
Protect Yourself from Scams
The truth is, there are lots of scams and scam sites on the internet and they’re getting even more difficult to detect with common sense alone. However, for an easy and reliable method of detecting and avoiding scam sites, check out Trend Micro ID Protection.
ID Protection can shield you from scams, fake and malware-infected websites, dangerous emails, phishing links, and lots more! If you come across something dangerous online, you’ll be alerted in real time so you’ll know to stay well clear.
Apple PayPal Invoice Scam
Sometimes the scams get trickier; simply checking the sender’s email address won’t be enough. For example, scammers have been making use of PayPal to exploit people:
Here’s how it works:
- First, scammers create a PayPal account and send you an Apple invoice, saying you need to pay $989.99. That’s why the sender’s email address is service@paypal[.]com and SEEMS legitimate.
- Then, scammers instruct you to contact them to cancel the order via a phone number if you don’t recognize it.
- If you do contact the number, scammers will try to get you to share detailed personal information over the phone or even download some “remote control” software to your cellphone. Beware!
Fake DSW Website (cadfcuie[.]com)
We’ve reported on fake DSW outlet online shops before, and recently they’re still out there awaiting innocent victims. Impersonating Designer Brands Inc. (DSW), the website features too-good-to-be-true deals on Crocs – can you believe you can enjoy a 99% discount?
Note: The legitimate web address of DSW is dsw.com. Always take a close look and don’t fall for any of the copycat websites!
DSW Scam: Other Red Flags
- Lack of customer reviews.
- Low trust score on Scamadviser.
- The website is very young – registered on January 31, 2024.
Trend Micro has identified cadfcuie[.]com as a classic retail scam site. Don’t shop or engage further there! If you do, you could not just lose money, but end up exposing your personal and financial information. Be careful!
Text Scams
Besides emails, we’ve also detected lots of scam text messages containing phishing links. Following our report last week, scammers continue to use fake phone security alerts to try to scam you:
- IMMEDIATE ACTION REQUIRED: Five apps pose a serious threat to your phone. Swiftly uninstall these to maintain the security of your information <URL> (Detected 2,191 times by Trend Micro last week)
- URGENT SECURITY ALERT: Your phone is compromised by 0 apps. Quickly remove these apps to protect your data: <URL> (Detected 2,196 times by Trend Micro last week)
Again, no matter which tactics scammers use, their goal is to prompt you to reveal all your PII via malicious links/websites. Look out!
Tips to Stay Safe Online
- Double-check the sender’s mobile number and email address. Even if it seems legitimate, think twice before you take any action.
- Reach out to the company’s customer service directly for help and support.
- Never click on dubious links or attachments! Stick to official websites and apps.
- If you’ve accidentally revealed your PII somewhere, change your passwords immediately and inform your bank and/or other companies that scammers may contact them pretending to be you.
- Check if any of your PII has been leaked and secure your social media accounts using Trend Micro ID Protection.
- Finally, add an extra layer of protection to your devices with Trend Micro Mobile Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.
If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.