This article is from Trend Micro.
This week we’ve found a large number of phishing scams that you need to watch out for, including ones relating to Home Depot, Walmart, Amazon, Bitcoin, Coinbase, MetaMask, and Trust Wallet. Would you have been able to spot all the scams?
Phishing scams are one of the most commonly used tactics by scammers. Conventionally, while impersonating famous brands, they send out fake text messages and emails containing phishing links and try to entice you into opening them with various lies.
In such phishing schemes, the links lead to online survey pages that state you can claim a gift by filling out a questionnaire. After you complete the questionnaire, you are prompted to enter credit card details before your “gift” can be delivered. Here are a few examples:
We’ve written about several popular Home Depot scams before. And recently scammers have started trying to deceive people via email:
The embedded button will take you to a fake online survey page where you could eventually end up having your personal information exposed. Don’t get scammed!
Trend Micro Check is an all-in-one browser extension for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!
After you’ve pinned Trend Micro Check, it will block dangerous sites automatically! It’s available on Safari, Google Chrome, and Microsoft Edge.
Check out this page for more information on Trend Micro Check.
Scammers pose as Walmart and claim that you’ve won a prize in a “customer draw”. They send you messages such as this:
The links inside the messages will take you to fake Walmart online survey pages that say you can get an iPad Pro as a reward after completing one of the questionnaires:
We’ve seen Amazon survey scams several times, and now they’re popular again, but this time they’re using an updated layout:
In the end, you will have to enter credit card information to claim your reward — and you know what will happen: no gifts will ever appear, and your credentials will be sent directly to a scammer!
Scammers’ ultimate goal is to steal your personal information — they’ll record everything you enter on their fake pages and use it to commit cybercrimes: e.g., hack into your bank account or steal your identity!
Besides directing you to online survey pages, the links, in other instances, take you to fake log-in pages that appear to belong to various brands. These pages require you to submit log-in credentials and recovery phrases to download a software update, change account settings, or whatever other tasks the scammers have asked you to complete:
Posing as Coinbase, scammers send fake security alerts via SMS to try to lure you into clicking on phishing links:
Note: Take a close look at the web address. The legitimate web address of Coinbase is coinbase.com!
Examples of fake Coinbase websites. (Check the web address!)
Besides text message scams, this week we’ve detected many fake MetaMask security alert emails that falsely claim your MetaMask wallet is going to be suspended for some security issue:
Fake Trust Wallet emails have also been very popular with scammers lately:
In all these types of scams, you are encouraged to click on an embedded link. The link then takes you to a fake MetaMask/Trust Wallet website.
If you submit credentials like your recovery phrase, scammers can hack into your wallet and transfer all your crypto away! What’s worse, since cryptocurrencies are decentralized, it would be nearly impossible to get your money back! Watch out!
Scammers also try to trick you into sending them cryptocurrency directly.
Who doesn’t want free bitcoin? What would you do if a random person online asked you to send them bitcoin and promised to double it? Sound too good to be true? It is. Don’t expect any bitcoin in return!
The scam web address: www[.]btcgivefast[.]com
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.