GroupMe iPad Giveaway, Costco, Walmart, and Tinder — Top Scams of the Week

Header

Author: Trend Micro

May 8, 2023

We’ve detected tons of phishing scams this week, including ones relating to GroupMe iPad giveaway, Costco, Walmart, and Tinder. Would you have been able to spot all these scams?  

What is phishing?  

Impersonating trusted brands, and under a variety of pretenses, scammers will send you phishing links via social media, text message, or email — always with the goal of stealing your personally identifiable information (PII) (i.e. email address, Social Security number, credit card number, and more). They will prompt you to click on phishing links to complete various tasks or to take action (e.g. verify an account, update billing information, or check a delivery’s status). Or, more often, they will promise you free gifts and ask you to claim the reward via the attached phishing links.  
  
These phishing links lead to scam/phishing sites designed to record any PII you submit. With your stolen information, scammers can commit identity theft or other crimes. Below are some examples.  

GroupMe[.]fun iPad Giveaway Scam 

We’ve reported on GroupMe giveaway scams in which scammers spread phishing links using GroupMe before — and this week there seems to have been another wave of them.  

The phishing link will take you to a series of fake online survey pages that say you can get a gift after completing the survey.  

Note: Take a close look at the web address — it’s not a genuine GroupMe website! (It should be groupme.com) 

GroupMe[.]fun Scam 

Sample fake GroupMe websites: 

  • Groupme[.]fun 
  • Groupme[.]love 
     

If you proceed with the survey, you will be instructed to claim the free iPad by hitting the “Claim Now!” button:

 

GroupMe[.]fun iPad Giveaway Scam (1)


The button will take you to another site that requests your PII, including your home address and phone number, and in the end, it may even ask for your credit card credentials.

GroupMe[.]fun iPad Giveaway Scam (2)


Protect Yourself from Phishing Scams (Free Tool!)    

The best way to prevent phishing scams is to never click on links or attachments from unknown sources, but a FREE tool to help you fight scams wouldn’t hurt either, would it? Trend Micro Check is a free browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links. Download today and surf the web with confidence! 

http://

The Trend Micro Check browser extension blocks dangerous sites in real time! (Available on Safari, Google Chrome, and Microsoft Edge.)  

http://

The Trend Micro Check app automatically detects and filters scams and spam 24/7. (Available for Android and iOS). 

Check out  this page for more information on Trend Micro Check.    

 

Costco Survey Scam 

Costco is always among the top-ranking impersonated companies in our weekly scam detection. This week we found a lot of fake Costco scam texts. Have you seen anything similar? 

Costco: We’re conducting our monthly audit and would like some input from current shoppers. <URL> 

Again, posing as Costco, scammers falsely claim that you can get a gift by finishing their online customer survey via the attached link. Not surprisingly, it will take you to a fake Costco survey page:

 

Costco Survey Scam (1)

You could end up exposing your PII and credit card details. Of course, scammers will collect all of these credentials and use them for their own good. Don’t let them! 

Costco Survey Scam (2)

Walmart Survey Scam 

Walmart is also another reoccurring brand that’s exploited in phishing scams. Scammers send you a random notification and try to lure you into clicking on the attached link to steal your PII: 

Walmart Notify – The certificate ending in 3932 has to be spent by Today <URL> 

Featuring $100 cash as a gift, the phishing page will guide you into inadvertently sharing your PII. Be careful! 

Walmart Survey Scam (1)
 

Walmart Survey Scam (2)

Tinder Scam 

“Someone matched with you on Tinder!” If you receive a similar email, don’t be quick to click the button. Check the sender — is it really from Tinder?  

Tinder Scam (1)

We’ve seen similar Tinder phishing scams several times before. If you fall for one and click on the embedded button, it will lead you to an adult-themed phishing page where, as mentioned, you will be asked to submit your PII. Be careful! 

Tinder Scam (2)

Tips to Stay Safe from Scams 

  • Double-check the sender’s mobile number/email address. Even if it seems legitimate, think twice before you take any action.  
  • Free gifts are a red flag.  
  • Only use official websites/applications. Never click on dubious links! (Use Trend Micro Check)   
  • Get alerted with Trend Micro ID Protection if any of your PII gets leaked.   
  • Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.

If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.  

This article was published in collaboration with Trend Micro.

Image source: unsplash.com

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Popular Stories

As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu

So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking.  If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller.  The condition of the item was misrepresented on the product page. This could be the