Fake Woolworths voucher scam
Voucher scams are once again doing the rounds. Today’s example masquerades as a Woolworths voucher. Voucher scams come in different flavours. The recipient is promised a voucher if they complete a survey. The recipient must click on a link to go to the survey site. The survey site is a fake site. It requests information (usually credit card details).
A voucher that can be printed and presented to the store is provided. Unfortunately, the voucher is not valid. Worse, the criminals often use the stolen card details to purchase goods. The downloaded voucher may also contain malware. Today’s Woolworths voucher scam aims to steal personal details of the recipient. The probable purpose is to commit identity theft.
Figure A shows the email in question. The criminals have obtained the email address of the recipient. This email may presage a further attack at a later stage. We have blacked out the recipient name and email address. The email is from “Woolworths Voucher”. The email domain is not the Woolworths domain.
The subject line of the email is “Your chance to win a Woolies voucher worth $1000!” There are four links to the malicious site. The email asks a simple (loaded) question. The question is “Which supermarket has better deals”. Two buttons, one with the text “Coles” and the other with “Woolworths” are provided. Both lead to the same malicious site.
This email is a fake. There are checks you can do. Firstly, $1000 is a substantial amount. Few businesses can afford to be giving that amount away (even Woolworths). You can check the Woolworths site for any current promotions. This current “promotion” is conspicuous by its absence. The second check to do is the links. Do they lead back to the Woolworths site? None of the links in this email do. This email is another scam email and can be deleted.