Spot the Scam: Moderna, Pfizer, Amazon, Subway, and Royal Mail

March 26, 2021

Watch out for text message and email phishing attacks! In this post, we will share the details of a few popular phishing scams – Moderna, Pfizer, Amazon, Subway, and Royal Mail. You will see how these phishing scams work and learn how to avoid them.

Read to the end for tips on spotting similar scams and avoiding becoming a victim of these sneaky scammers. Can you spot all these scams?

Amazon Text Message Phishing Scams

Amazon is one of the most impersonated brands for phishing scams. We recently found two versions of Amazon text message phishing scams (smishing scams):

1. Amazon Bonus Credit Phishing Scam
Scammers pretending to be from Amazon send text messages claiming that you can receive $150 in Amazon bonus credits. They ask you to click a link to claim the credits.

Here are some examples of what you will see if you click on the link:

Content:Eddie, you still have $150 Amazon Bonus credit: v3fzx.info/ux7olVBqvJ See what you can buy before it expires on 03/26 v3fzx.info/ux7olVBqvJ
Ammar, you still have $150 Amazon Bonus credit: [URL] See what you can claim before it expires on 03/28 [URL]
Diana, you still have $100 Amazon Bonus credit: [URL] See what you can buy before it expires on 03/23 [URL] 

2. Wireless Ear Pods scam
In another Amazon phishing scam, scammers claim that you have won a valuable prize, such as “Wireless Ear Pods”, for filling out a survey. You are prompted to click a link to get your reward. Here is what you will see after clicking the link:

In either of the above Amazon “smishing” campaigns, the link provided leads you to a spoofed Amazon website that asks you to enter sensitive personal information and banking details, such as credit card number and CVC code, to pay the “delivery fee.” Scammers can then steal your money and use the information provided for scams such as identity theft.

Content:
Amazon: Congratulations Deshon, you came in [1/2/3] in March’s Amazon pods raffle! Click the link to  : [URL]
Amazon: Congrats Curtis, you came in the winner in today’s Amazon pods raffle! Click the link to  delivery: [URL]

Royal Mail Parcel Delivery Phishing Email

In this campaign, scammers posing as Royal Mail send an email claiming that you have missed a package delivery, and you must “request new shipment” by clicking a button. Royal Mail has confirmed in their official Twitter account that these emails are NOT legitimate.

If you click on the button, you will be taken to a fake Royal Mail website and asked to enter personal information, such as home addresses, phone number, and even banking details. Scammers can then steal your money and use the data for scams such as identity theft.

Here are some examples of the Royal Mail phishing email and fake website:

Subway Facebook Anniversary Giveaway Scams

Scammers love to pose as famous companies and set up fake Facebook fan pages. They claim to be giving away coupons or other gifts to “celebrate their anniversary” on these pages. We have reported similar phony fan pages in previous blog posts claiming to represent Pizza Hut, Pepsi, and Bora Bora.

Snopes reported a fake Subway fan page named “Subwáy” published a post claiming to be giving away $55 subway gift cards.They ask people to comment and share the following post:

Subway is going to celebrate its 55th anniversary on March 22, 2021, and In order to help our loyal customers Every single person who has shared&commented before 4PM Sunday will be sent one of these boxes containing a $55 subway gift-card plus surprises that will make your heart flutter! Make sure to validate your entry @ (website omitted) – Good luck!

The screenshot on top is the fake Subway fan page. If you take a closer look, you will find that there is NO blue checkmark beside the name.

The posts prompt you to register for the campaign through a phishing link. The link leads you to a website where you are prompted to enter personal information, including your home address and credit card number (for “delivery” of your reward). The data you provide ends up in the scammers’ hands, and they can use it for various scams such as identity theft.

Pfizer/Moderna Vaccine Survey Scam

Scammers also love to grab your attention using hot topics like COVID-19 vaccines! Posing as Pfizer or Moderna, they send text messages, claiming to offer you a reward for participating in an online survey about COVID-19 vaccines.

The message contains a phishing link. After participating in their fake survey, you will be prompted to click a phishing link. If you take the bait, this is what you will see:

You are then told that you have won a pair of “Ear Pods”. To claim your gift, you must pay the “delivery fee,” and you are prompted to submit your credit card number and CVC code. Scammers can use this information to steal your money and for identity theft!

Content:
<PFlZER:VACClNE> –  carlos – Get PAlD For Your Feedback; Here’s $200 Just For Participating: [URL]
[PFZlZER_VACC#]; WeIl Give You $9O.OO Just For Your Feedback. GET PAlD N0W: <URL>
[M0DERNA#VACC]: WeII Give You $9O For Your 0pinion. lt 0nIy Takes 3 Mins! Get PAlD Here_ <URL>

How to protect yourself from phishing scams?

• Double-check the sender’s mobile number/email address
• Reach out to the official website or customer support directly for help
• NEVER click links or attachments from unknown sources

Use Trend Micro Check for immediate scam detection!
Copy-paste a link and send it to Trend Micro Check on Messenger or WhatsApp to detect scams. Or you can send a screenshot of suspicious text messages:

Trend Micro Check is also available as a Chrome extension. It will block dangerous sites for you automatically:

Did you successfully spot the scams? Remember, always CHECK before your next move.

If you think Trend Micro Check is helpful, please SHARE to protect your family and friends.
Try Trend Micro Check for free now:
Messenger
WhatsApp
Chrome extension