Binance Holdings PayPal Invoice, UPS, iCloud, Costco, Walmart, & Kohl’s— Top Scams and Phishing Attempts This Week
Author: Trend Micro
We’ve found a large number of scams and phishing attempts this week, including ones relating to Binance Holdings PayPal invoice, UPS, iCloud, Costco, Walmart, and Kohl’s. Would you have been able to spot all these scams?
Binance Holdings PayPal Invoice Scam
Not all email invoices from PayPal are legitimate! We’ve reported on PayPal-based invoice scams several times before, and this week the most impersonated brand is Binance:
Binance Holdings PayPal Invoice Scam (1). Source: Online Threat Alerts
Although the sender’s email address seems genuine (service@paypal.com), you should still be careful, as these invoices are sent by scammers. They send out bogus invoices via PayPal to try to prompt you to call the included phone number by alarming you with the (fake) charge.
Binance Holdings PayPal Invoice Scam (2). Source: Reddit
If you fall for it, scammers will try their best to trick you into sharing your personal and/or financial information over the phone — which they can use to commit any number of other crimes (using YOUR IDENTITY)!
How Did the Scammers Get My Email Address?
Scammers will most often get email addresses from underground internet forums or the dark web — two places that are hotbeds for stolen/leaked data.
Protect Your Identity and Personal Info
With our new (and FREE!) ID Protection tool, you can:
- Check to see if your data (email address, phone number, password, social media) has been exposed in a leak.
- Secure your social media accounts with our Social Media Account Monitoring tool, with which you’ll receive a personal report.
- Receive the strongest tough-to-hack password suggestions from our advanced AI.
Phishing Scams
Besides PayPal invoice scams, scammers have a lot of other tactics they use to try to get you to fall for phishing scams.
Impersonating trusted brands, and under a variety of pretenses, scammers will send you phishing links via text message or email — always with the goal of stealing your personally identifiable information (PII) (i.e. email address, Social Security number, credit card number, and more). They will prompt you to click on phishing links to complete various tasks or to take action (e.g. verify an account, update billing information, or check a delivery’s status).
The phishing links lead to scam/phishing sites designed to record any PII you submit. Not surprisingly, scammers will then use your stolen information to commit identity theft or other crimes. Below are some examples.
UPS Shipping Scam
A reoccurring pretense that scammers use is fake package delivery. They send you fake delivery notifications and ask you to check the status via the attached phishing link:
[Information] Your parcel number 3687888692 We tried to deliver your parcel today but you weren’t in or there was no safe place to leave it. Your action is required. If this item is unclaimed by the date, then it will be returned to sender. Please reschedule delivery > <URL> The first and second delivery attempt was free of charge. To schedule a new delivery, a shipping fee must be paid. Best Regards, UPS
The phishing link will take you to a fake UPS package tracking page that instructs you to “reschedule delivery” by filling out detailed personal information:
UPS Shipping Scam
You could end up exposing your credit card information and other PII, and these credentials will all end up in scammers’ hands. Don’t let that happen!
Stay Protected From Phishing Scams (Free Tool!)
The best way to prevent phishing scams is to never click on links or attachments from unknown sources, but a FREE tool to help you fight scams wouldn’t hurt either, would it? Trend Micro Check, is a free browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links. Download today and surf the web with confidence!
Trend Micro Check browser extension blocks dangerous sites in real time! (Available on Safari, Google Chrome, and Microsoft Edge.)
Trend Micro Check mobile mobile automatically detects and filters scams and spam 24/7 . (Available for Android and iOS).
Check out this page for more information on Trend Micro Check.
iCloud Phishing Scam
Scammers also use free iCloud storage updates to try to lure you into clicking on their phishing links:
iCloud Phishing Scam (1)
The scam email will take you to a fake iCloud page
iCloud Phishing Scam (2)
Phishing links also often lead to fake online survey pages that falsely guarantee you free gifts for completing questionnaires:
Costco Survey Scam
Have you been sent a text message about taking a Costco online survey for cash? It’s very likely a scam! Here’s one example of such a message:
- CostcoMsg: Winter is long gone and we’re asking current consumers to complete a few quick questions for us. <URL>
The phishing link leads to fake Costco survey pages that, once again, can collect all your personal information:
Costco Survey Scam (1)
The fake pages will even ask you to provide credit card details for “the delivery of your gift” (of course, there is no gift). Be careful!
Costco Survey Scam (2)
Other online survey scams are sent via email, and similarly, they will direct you to a phishing page where you could have your PII compromised. See below for two examples.
Walmart Survey Scam
Kohl’s Phishing Scam
Tips to Stay Safe from Scams
- Double-check the sender’s mobile number/email address. Even if it seems legitimate, think twice before you take any action.
- Free gifts are a red flag.
- Only use official websites/applications. Never click on dubious links! (Use Trend Micro Check)
- Get alerted if any of your PII gets leaked using Trend Micro ID Protection.
- Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.
If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.
This article was published in collaboration with Trend Micro.
Image source: unsplassh.com
Report a Scam!
Have you fallen for a hoax, bought a fake product? Report the site and warn others!
Scam Categories
Help & Info
Popular Stories
As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu
So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking. If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller. The condition of the item was misrepresented on the product page. This could be the
