Woolworths voucher scam

Woolworths voucher scam

A scam email purporting to be from Woolworths surfaced late last week. The email says that recipients can receive a $150 voucher if they answer a simple question regarding the year Woolworths was founded. The email is however a scam. Woolworths do not currently have such a promotion.

The email contains a link to an external site (which is not Woolworths) where the recipient is required to fill out their personal details, including credit card numbers. In the past, there have been several cases where users have followed the link, filled out their details, and later found unauthorised transactions on their credit card.

Figure A shows what the email looks like. On a cursory glance it looks reasonably legitimate. Closer inspection throws up a few red flags, however. Firstly, the links are not links back to Woolworths; they link back to a phishing site. Secondly, the grammar is somewhat flawed. A real red flag, however, is the spelling of the word prize: on the email it is spelt “price”, which is incorrect.

MailShark Woolworths voucher scam
Figure A – Click to Enlarge

Asking recipients to fill out a survey in return for a free voucher is a favoured tool for scammers. Even if only 1% of all users fall for the trick, the scammers can still make money. To complicate matters, marketing companies often offer free vouchers as an inducement for users to complete surveys. Hence, recipients of scam emails may be less likely to check the veracity of the sender.

This particular scam is limited to email at present, but it may also appear on Facebook, as this is another favourite conduit for scammers. One person likes a page with the scam survey. The Facebook like is posted to the victim’s friend’s timelines. Friends see the like, and visit the page. In this way, the scam survey can be propagated rapidly.

This scam email started appearing late last week. The timing is probably not a coincidence; the Christmas shopping season is starting up, and many people will be quite rightly looking for bargains. Unfortunately, this email is a scam. If you receive it, delete it.

Scott Reeves
MailShark
Free anti-spam service
Free email filter service

Share This Post

2 Comments - Write a Comment

  1. Kristine Rosenberg · Edit

    I am one of the people who received the Woolworths $1.000 offer if you answer the questions correctly. I answered the first 3 which were correct then for some reason, thought about it, got out of it and thankfully, saw and read your notice on recent scams, I then went back to my inbox and it had gone, that was without me deleting it. I have a couple of questions if that’s ok, firstly how do these people find our names and email addresses, secondly, as I did answer three questions, does that put me at risk at all, also, these scammers are always out to get innocent people’s money, as I didn’t go to the end of their survey, I don’t know if they actually ask for bank details or not.
    I will look forward to your reply,
    Thank you so much,
    Sincerely,
    Kris Rosenberg

    Reply
    1. Hi Kristine. Thank you for your notification and we’re happy the MailShark website posting helped here. To answer your queries, there’s a number of ways your email addresses are obtained. They range from public scanning of websites, various internet searches, on-line forums, fake websites harvesting email addresses, email list sales (from the black market or newsletter suppliers that have sold their lists), suppliers who have your email address and have been hacked (possibly not reporting the hack or are yet to know about it) and so on. The means for obtaining email addresses are almost endless.
      We can’t give any assurances as to what impact may have been done by answering their questions, so make sure your Virus scanner virus definitions are always up to date, the same for your Malware scanner and any Operating System patches are also up to date. These sites typically ask basic questions at first to gain your trust and then require you to perform an action which will cause the real damage.
      Thank you again for comments.

      Reply

Post Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.