All of us have probably seen some sort of ad similar to this on the web and most of us are able to tell that it false. Like the old saying goes “if it is too good to be true it probably isn’t true.” However, scams have been getting more and more convincing the recent years to the point that it is hard for an average user to tell the difference. The Canadian Anti-Fraud Centre published that since November 30, 2021 to present day that nearly 46,000 Canadians were a victim to a scam/fraud with over $231 million dollars lost [1,2]
Scammers are getting more creative on their approach of stealing information from users. COVID-19 has made many people turn to online shopping as a means to purchase goods. Canada became the ninth largest market for eCommerce in 2020 with a revenue of $39 billion. [3] As online shopping increases the number of online scams will also increase; that is why individuals need to be wary when shopping online.
How many of you all have gift cards?
My guess is that almost everyone has received one at one point or another. Gift cards are awesome when using them the first time as you often know the amount on the card. However, with cards being able to be reloaded with money it’s hard to tell the balance remaining on the card. Recently an ad has been brought to the attention of Reddit users about a Target gift card balance checker [4]. The website looks very similar to the Target website copying the company websites font as well as artistic style. The website worked by asking users for their gift card number and access code and then redirected to the legitimate Target website [4]. Users reported they were often confused as to what happened because they were redirected to the real target website. By the time the users ask for support or check the card balance in person, all the money on the card had already been stolen. Similar websites have also been highlighted on Reddit of scammers making similar looking websites and getting the unaware internet user to fall into their trap.
What can you do to protect yourself from such scams?
The Canadian Anti-Fraud Centre has set out some tips that can help protect individuals from scams:
- Do not open links or even emails from people you do not trust. If you are doubtful, it is better to not open the link and to manually type the real website address in a search engine or browser.
- Do not give out personal information even if the person on the other end may have a convincing story about how your family just inherited millions of dollars from your long-lost uncle.
- Look for speling or grammer mistak3s cuz many f4ke webs!tes use SiMiLaR spelt or sounding words to trick users.
- HTTPs does not always guarantee that a website is legitimate, which is why its important to do research. Looking at reviews of other people who have used the website or doing a quick search engine search can reveal more about a company and their practices. As well as inform you if you accidentally went to a fake website.
As online shopping increases it is important that individuals stay aware and be vigilant on how to be safe and protect their information from frauds and scams. Let me know if you agree with my points or if there any other points we all should keep in mind when shopping online.
Sources:
- Government of Canada RCMP. Canadian Anti-Fraud Centre [Internet]. Government of Canada, Royal Canadian Mounted Police. 2021 [cited 2022Jan23]. Available from: https://www.antifraudcentre-centreantifraude.ca/index-eng.htm
- Borzykowski B, Jones SN, Lajartre Mde, Deveau D, About the Author Bryan Borzykowski Bryan Borzykowski is an award-winning business journalist. He’s written for the New Yo. 34 per cent of Canadians have fallen victim to fraud: Survey [Internet]. CPA Canada. 2020 [cited 2022Jan23]. Available from: https://www.cpacanada.ca/en/news/canada/2020-03-03-cpa-canada-fraud-survey
- Ecommerce Market Canada – data, trends, top stores … [Internet]. [cited 2022Jan23]. Available from: https://ecommercedb.com/en/markets/ca/all
- Boyd C, ABOUT THE AUTHOR Christopher Boyd Lead Malware Intelligence Analyst . Steer clear of Gift Card Balance Scams [Internet]. Malwarebytes Labs. 2022 [cited 2022Jan23]. Available from: https://blog.malwarebytes.com/scams/2022/01/steer-clear-of-gift-card-balance-scams/
Super good article! It is interesting to see which new methods phishers are using. It’s definitely a good idea to not be opening emails and links from untrusted sources but super understandable how people would fall for such a convenient site. It was a good tactic for the phishers to redirect to the actual target webpage afterwards as well. As you mentioned, looking for spelling mistakes and grammatical errors in emails is a great tip. Another tip I would add is checking the actual email address of the user – even if you think you trust them – because having an email or domain that’s just one letter off of the proper one is super likely.
This is really good advice for staying safe from scams, and it’s good to know which tactics scammers are using! An interesting counter-intuitive tactic I’ve heard about is that if a scam includes the process of a scammer talking on the other end, thus investing time into the scam, then they may try to make the initial bait as obvious as possible so only the most gullible people will fall for it, weeding out people who would be less likely to give away personal information in a conversation. This means they can scam more people in less time, and sadly abuse peoples’ lack of knowledge.
This is a really interesting article! I totally overlooked possible scams that involve gift-cards(probably because I spend them super quick). Since gift cards typically don’t require a pin, funds can often be accessed by another person(a scammer in this case). It’s unfortunate that trying to do something as simple as checking the balance of a gift card can get risky. This is why learning about these kinds of scams is really important. It’s natural to not understand it at first, but after reading into it, people will start to be more careful, reducing the number of gift card scams.
Gift cards and scams, name a better duo! From the amount of research and studying I’ve done on internet security, the first line of defense is always user education. And I agree, if a user is well educated and knows what to look out for when it comes to scams, the user will be in a much safer place. The big caveat is the “if” though. It’s really hard to know if a user will take any teachings to heart and/or be diligent when identifying scams. I guess all we (and security professionals everywhere) can do is just keep trying to educate as many people as possible and hope for the best.
To add to the point about misspellings, there does seem to be some evidence that scammers litter their emails with spelling and grammatical errors on purpose, not only to slip past spam filters, but to attract only the most unwary victims. As ‘internet experts’ who roll our eyes at such emails, it’s easy to convince ourselves that we’re scam-immune. But legitimate-looking links can be faked, and scams can come from anywhere: when one account is hacked, their contacts become immediate targets. It’s good practice to hover over a link to check its destination before clicking, even when sent from a trusted friend.
This is a fantastic piece! It’s amazing and mind-boggling to watch such schemes pop up every day, and to see how these scammers come up with them. People still fall for these traps despite all of this internet security advice. These identity thieves have broadened their arsenal and are no longer limited to spoofing, phishing, and creating bogus profiles without recognizing that they are committing a severe crime. Because online shopping has grown dramatically in recent years, it’s more vital than ever to keep secure online, safeguard your personal information, and be on the lookout for scams and frauds. I’d like to add a few additional tips for being secure while buying online. Always double-check your bank statements, avoid shopping in public and don’t overshare information.
The post is actually interesting. My dad almost fell for such a scam. In my country, we have an online money sending app called Bkash. Whenever you receive money , you have to click the link on message. My dad clicked the link and the website looked identical. Each and every detail was so precise that any even an experienced person would think it as a real website. Moments before writing the password and clicking return, my dad saw that the website link had Bkesh written on it not Bkash. He instantly understood what a grave mistake he was going to commit.
From that time, I always remain extra cautious. However, I don’t think thats just enough. We should learn more ways to stay safe from such frauds.
.
Clearly you have written an interesting piece which everyone seems to love. I believe almost everyone can relate to your story since gift cards and online shopping are a common thing nowadays. Since covid began most people have gotten used to staying inside. Therefore, ads like you mentioned in your post attracts a lot of audience these days.
Secondly, I read your part about “What can you do to protect yourself from such scams?”. I must say great points and one must keep those in mind before purchasing anything. However, I thought about it and I also think that one should first check the product and seller rating when purchasing things online. Since almost anyone can put up an ad these days, there is a chance that it is a fraud if they do not have good seller rating. If one still does not understand whether to purchase the product or not then we must consider the old saying, “if it is too good to be true it probably isn’t true.” (Extracted from the blog).
Therefore, we must be extra careful when we shop online since there is a possibility of fraud.
A really unique way of getting your information with a guaranteed help from your side, without you even knowing about it. This post reminds me of an incident which I can relate, something that I encountered couple of years ago. Back in the days when Facebook had people playing games on their own site, once I received an invitation, out of curiosity I open up the link in that invitation which basically asked for the Facebook credentials not once but TWICE*. This seemed really fishy, but it was too late when I recognized that my Facebook account was not in my control anymore. Usually sites donot ask to input your information twice unless there is any network issue or if you type incorrect details. I was lucky enough that I got my account back without any significant harm. So I would highly recommend, not to visit any ads or links that are out of your knowledge!
This is a really good post! Reminds me of a time when I was visiting some friends when they saw one of these ads that was a complete scam. It was a fake giveaway about winning a free iPhone if they entered their email address. They were pretty excited about it, dismissing me saying that it’s too good to be true, and clicked on it. They gave their email address and about 1 day later, their email was out of control, it was filled with spam emails from a ton of fishy email addresses asking for more information. It really goes to show how easy it can be for someone to get scammed, and how we all should be careful when viewing these ads.
I clicked… where is my free money?
The number of fraudulent websites and advertisements that can be found all over the internet today is really frightening. This post brings really good awareness to just how subtle these websites can be, and how easily they can lure someone into giving out their information. I like the recommendations provided to protect yourself from getting scammed. A couple more possible ways that I think could help to avoid getting scammed would be to never respond to “government” or “bank” emails that claim to be giving you money, since the government and banks will always use the regular postal system to give out important information and money. If you are ever unsure as to if something is legit or not, asking someone else is always a good idea, and can even save you sometimes.
Overall, really nice and informative post.
B-B-B-B-BUT I LOVE FREE MONEY – especially if it is from my long-lost uncle!!!
Great article! Personally, this is common sense information. However, I know many aunts and uncles who are unaware of these scams – so I enjoyed how simple and clear the information was presented in the article!
Also, I did not know about your “HTTP” tip before I read this article. When I googled it to seek more clarification, I finally learned about what the “lock” icon on the left of the website URL form finally is. Thanks for that!
This is a very good post. Just recently there was a news story very similar to this scam. Before Christmas, many people received E-mail transfers in French to their e-mail addresses. Most of them at first glance would only feel like someone was scamming, but upon opening the website they found out it was a real website. Many people then fill in their bank details, but what these people don’t realize is that the e-mail is not sending money to their bank account, but from their bank account to the scammer. The reason these people get scammed is because they don’t understand French and the format of the E-mail transfer requesting money email, and the receiving money email is very similar. These people only noticed the correct website and not the content of the emails. This also reminds us that scams often start with aspects that people overlook, and while people focus on the website, scammers focus on misleading with the content, and people should pay attention to every aspect instead of being deceived by individual aspects.
Interesting post! It is fascinating how elaborate modern day scams have developed- a far cry from the original emails sent from a Nigerian prince requesting your bank account number. (Interestingly, these original scams still make a lot of money for scammers! – https://www.cnbc.com/2019/04/18/nigerian-prince-scams-still-rake-in-over-700000-dollars-a-year.html). Personally, I have received text messages with links to receive CRA return money or claim a specific sum of money ($135.60 to be exact). Something that I have found interesting is that scams have become much more lowkey and appear more genuine – rather than stating that you have won 1 million dollars, they instead try to impersonate the government, or in this case, a gift card balance checker. I use the internet quite a bit, so I appreciate the tips for protection against scams and general web safety. I will be sure to use them in the future when browsing or shopping online.
Very interesting article. Most of these scam emails for free money, free gift cards, or free flights end up in my junk mail inbox. It is surprising to me that these scammers are still quite successful in making money off of this technique. Personally I have received a lot of these emails/text messages but it has been quite obvious to me that they are scams.
Very nice article! I remember when I would get pop-ups on webpages I opened when I was younger claiming that I was the winner of a free iPhone. Of course I believed it as a child, but I can clearly tell now whether something is most likely a scam or not. Compared to how these scams looked a few years back, it would seem that current scams appear to be much more subtle. Although they are still obvious to me, I can definitely see why someone may fall for this type of scam, as it takes advantage of a small problem and poses as a convenient “solution” to it.
Great post!
As the pandemic started, more and more people started shopping online, which also made it easier for hackers to steal information from users. They can send advertisements in the form of emails, such as checking gift card balances or receiving coupons to ask users to enter their account numbers to achieve their targets. Many people fall into their trip. Your advice is really helpful for people to stay safe online, such as do not open links or even emails from people you do not trust and do not give out personal information.
Great post! I totally agree with your points in your blog.
Since I came to Canada to study, I have been receiving scam cellphone texts and scam e-mails for almost four years. Most of them usually require me to click the links provided in the texts or e-mails to “get” the “refund” or “bouns”. I tried to click one of the links when I was a second-year student in U of C in 2018. After I clicked that link, it lead me to a website that was not an official website for a company. The website required me to enter my credit card number and other card information. Then, I realized that it was a scam, so I closed that website and remove that scam text from my cellphone. One of my friends in U of C received the same scam text at that time, and unfortunately, he entered his credit card number and other card information on that scam website, as a result, he lost 2000 CAD.
Thus, in my opinion, I think the government should lead to creating some websites with the corresponding database to record the scam messages and scam websites that are reported by people and show them in public, to prevent other people from being scammed again.
Great post!
Now, something like this (facilitated by an official entity) is great. Not knowing how much is on the gift card is one of its main downfalls, and this convincing website certainly could confuse most people. However, I feel like people should know that the cashier at Target (or any other store) can check the card balance for you. Or at least I know that Subway can. Some stores (like Subway) even allow you to register your card online and have it related to your account, which also allows you to check the balance. Adding some point mentioning that these services may exist for any given retailer, may be a good addition.