EN
This week we’ve found a large number of phishing scams that you need to watch out for, including ones relating to Omicron, Amazon, the IRS, UPS, Walmart, Costco, Coinbase, and LinkedIn. Would you have been able to spot all the scams?
Phishing scams are one of the scammers’ favorite weapons! Conventionally, while impersonating famous brands, they send out fake text messages and emails containing phishing links and try to entice you into opening them with promises of “prizes”, “discounts”, and more.
Most commonly, the links take you to fake log-in pages that seem to belong to various brands. These pages require you to submit log-in credentials to check a package’s delivery status, change account settings, or whatever other tasks the scammers have asked you to complete. Here are a few examples:
It can be terrifying to learn that you might have been exposed to COVID-19, especially its Omicron variant. We’ve reported on “Free Omicron PCR Test” phishing emails from the NHS before, but now they’ve started to circulate as phishing text messages:
You’ve been in close contact with someone who has recently tested positive for Omicron. Please order a PCR test kit: order-pcr-test[.]com
The link will take you to a fake NHS log-in page where you have to submit personal credentials and credit card details to deliver the testing kit.
In other instances, these links lead to online survey pages that state you can claim a gift by filling out an online questionnaire. After that, you are prompted to enter credit card numbers before your “gift” can be delivered.
“You’ve won in a raffle!” This line is probably the scammers’ absolute favorite!:
You, W0N The DaiIy RaffIe for a $5OO GlFT-CARD..CoIIect your PRlZE by MlDNlGHT <URL> Stop to end
As with other scams, the link leads to a fake online survey page that eventually collects your credentials, including credit card details. Don’t get scammed!
The scammers’ ultimate goal is to steal your personal information — they’ll record everything you enter on their fake pages and use it to commit cybercrimes: e.g., hack into your bank account or steal your identity. Don’t let them!
Browse the web safely with Trend Micro Check (it’s free!)
Trend Micro Check is an all-in-one browser extension for detecting scams, phishing attacks, malware, and dangerous links – and it’s FREE!
After you’ve pinned Trend Micro Check, it will block dangerous sites automatically! It’s available on Safari, Google Chrome, and Microsoft Edge.
Check out this page for more information on Trend Micro Check.
Amazon is easily one of the most impersonated brands. Promising gift cards or other expensive rewards, scammers try to lure you into clicking on the attached phishing links with various excuses:
RED CROSS BLOOD CRISIS: Your help is critically needed! Come give in Feb=$10 Gift Card by email from Amazon! Book now: <URL> Reply2Stop
This week we’ve also detected several other fake raffle campaigns that have been spreading via email. The links in these fake emails will direct you to a fake online survey page that tries to collect your address and credit card details.
“We have a surprise for you…” — scammers.
“Congrats! You’ve received a WALMART reward!” – scammers. (There’s no reward!)
“Congrats! You can get an iPhone 13 from Costco!” – Scammers
Just like last week, the reoccurring LinkedIn phishing emails are still out there, leading victims to scam/explicit dat7r3nd4Lyf32ing websites where you could eventually lose your personal information as well as money. Don’t fall for it!
We’ve seen scammers pose as Coinbase and send fake account retrieval emails to users before, but now this phishing scam has a new SMS-based variant:
【coinbase】wallet freeze, unfreeze period 2022-2-19 coinbasehk[.]co
If you fall for it and click on the attached link, you will be taken to a fake Coinbase website (always take a close look at the web domain). Here, you are requested to “update” your crypto wallet and enter a recovery phrase — DON’T!
Note: the legitimate web address for Coinbase is coinbase.com.
Besides Coinbase, we detected lots of other scams featuring crypto wallet companies, including Trust Wallet and MetaMask. Read the full story here.
The 2022 tax filing season began on January 24th. As ever, the scammers wasted no time launching lots of fake tax refund websites to exploit people. They’ve created copycat websites that look very similar to legitimate government websites — both in the US and overseas — to try to steal people’s personal information:
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.
