Black Friday is upon us again. This North American past-time has entered our UK shores and never looked back. It’s fun, it offers us pre-Christmas bargains, what’s not to like? Well, the scam side of Black Friday, that’s what.
As expected, Black Friday has brought to our The Defence Works Scam Box, a slew of Black Friday phishing emails. This week’s scam post is dedicated to Black Friday scam emails.
The Black Friday Phishing Email
This week we can share three Black Friday phishing emails with you – what a bargain!
The first two are well done, nicely branded and look like legitimate Black Friday deal emails. The third is not such a great attempt.
Black Friday Scam 1: Morrisons
The email says “win £500 in gift vouchers” and entices the recipient to click to win. A typical phishing scam that uses the excitement of the win mixed with Fear of Missing Out (FOMO). The email also plays on the fact that this time of year you’d like to buy presents for loved ones for Christmas. The fraudsters playing on the tightening of the purse as years of austerity kick in.
Black Friday Scam 2: Primark
Another “win £500 in gift vouchers” deal, just click to enter the competition. The email, like the Morrisons’ email, was branded as the legitimate company might. The entire image was linked, catching the more wary of recipients who might inadvertently click.
Black Friday Scam 3: An attempt at spoofing an Amazon Prime Black Friday.
The email tells the recipient they have won the “Amazon Prime Holiday Season Giveaway!” And that they must click to claim the gift before the link expires.
No doubt there will be many more variants on the above, doing the rounds over the next week in the run up to Black Friday.
Tell-Tale Signs of the Black Friday Emails Were Phishing
All of the emails had typical signs of phishing:
- The email address of the sender was clearly not from the brand.
- There was no personalisation of the message, simply a ‘Hi’ or a “Dear Amazon Prime Member”
The Morrisons and Primark emails were cleverly disguised as being from an affiliate company. This is in an attempt to get around not having access to send the email from a real Morrisons or Primark address.
What Happens if you Click the Phishing Link?
In all of our Black Friday cases, if you click on the link you are taken to what looks like a legitimate site. The site requests to collect your details so you can be entered into the draw or claim your prize. Of course, if you do, your personal data will be stolen and used for further fraudulent purposes and identity theft.
We spend a lot of money around Christmas, and, Black Friday deals can help offset that load. But cybercriminals want your money too; be cautious, avoid clicking links in emails that you are not totally sure are legitimate.
Why not help your colleagues stay safe and send them this little reminder. Feel free to edit, copy/paste the advice below:
The Black Friday Phishing Scam
Black Friday is about to happen and you will no doubt get many emails about the event. Be aware that a number of phishing emails pretending to be big brands like Morrisons, and Primark are making offers for Black Friday. The link takes you to a website that asks for your personal details.
DO NOT ENTER ANY PERSONAL DATA INTO A WEBSITE UNLESS YOU ARE ABSOLUTELY SURE IT IS LEGITIMATE. BE EXTRA CAREFUL AS THE ENTIRE CONTENT OF THE EMAIL IS CLICKABLE
For more information on what to do if you receive a phishing email check out “What to Do if You Click on a Phishing Link?”