One of the most effective kinds of scams concerns promotional gift cards. It isn’t uncommon for companies to promote products or services through gift cards so these “wolves in sheep’s clothing” are easy tricks to play.
A simple mouse-over reveals that the gift card doesn’t lead to the company’s website represented in the card. [Click on each of the screenshots in the slide show above to open up the scam and look at the link revealed in the lower left corner by mousing-over.] People might think that it is OK for the link to lead to some other website because sometimes companies hire marketing firms to promote products or services. Seems like a reasonable assumption, right? Wrong.
The vast majority of online gift cards we’ve seen are scams designed to infect computers, collect personal data, or phish account information. We strongly recommend deleting all gift cards received through email unsolicited because the risk for fraud is so high. Have a look at what we mean…
First of all, notice that the subject line is for a Target Rewards card but the email posted is for a Costco gift card. A mouse-over of the graphic shows that it points to the following link:
As we have shown members in our Member’s article How to Surf Safely, the most important part of the link is the domain name. The domain name will be found just in front of the first forward-slash /. In this case “pke236” is a subdomain and unimportant. The domain name is “radmgglss.com.” If this link pointed to Costco, the link should point to the domain name “costco.com.” The fact that is points to a strange domain that is not Costco should make everyone suspicious.
We copied the link location (without actually clicking the link which can be VERY risky!) and asked the Zulu URL Risk Analyzer to check it out. (To copy a link location WITHOUT clicking the link, on an Apple computer hold down the control key and click the link. From the popup menu select ‘Copy link location.’)
We were surprised to see that Zulu found the link “Benign” meaning harmless. However, we noticed that Zulu had found a redirect to another website, curiously called “baitfishonline.com.” (A redirect means that a website will redirect the visitor to another website.)
We looked up BaitFishOnline.com in Google and the website listing on Google was completely void of any information, making us even more suspicious. And then we also spotted a link on Google from VirusTotal.com related to BaitFishOnline.com:
Here’s what VirusTotal.com had to say about BaitFishOnline.com…
Now we really knew this website was bad news so we went back to Zulu and asked it to check on the redirected link to BaitFishOnline.com and we had our answer…
We wondered who owned this malicious website and looked it up using a WHOIS service:
The owner of BaitFishOnline.com had paid a proxy service to hide the real ownership of the website.
This Costco gift card was not from Costco and it was malicious!
Here’s a gift card for Wendy’s…
In fact, lots of these Wendy’s gift cards were being sent to people but from slightly different email senders. Very strange…
We’ve seen dozens of these gift card scams. Check out the slide show sample at the top of the page! To see any full size image, just click it.