Spot the Scam: Current Music, Coinbase Email, COVID-19 Relief, Amazon, and Free Netflix, HBO, Disney+, and Amazon Prime Subscription Scams

Author: Trend Micro

July 16, 2021

This week’s article will introduce 2 phishing emails and 3 SMS scams in details, including the Current Music app, Coinbase, COVID-19 Relief, Amazon, and free subscription to streaming services like Netflix, HBO, Disney+, and Amazon Prime. Did you see anything similar in your inbox? Check how these viral scams work and learn tips to avoid them:

Current “Account Locked” Email Scam

More and more people start to use the Current Music app to earn cash reward while playing music, but please be careful of unknown emails claiming to be from Current! If you receive an Current email that says your account is locked and instructs you to click on a button to unlock it, think again.

Scammers can send fake emails with phishing links attached to lure you into giving away personal information, including login credentials or even banking details. We suggest you use the Current app or website to contact customer support directly for help instead of clicking on the button in the email, if you think there are issues with your account:

Source: Reddit

Content
Your account has been locked. Your account has been locked due to an excessive number of unsuccessful sign in attempts. Tap to Unlock

Coinbase “Account Disabled” Email Scam

Are you using Coinbase? Be cautious of fake security alert notification emails from Coinbase!

Impersonating Coinbase, scammers send you an email, informing you that your Coinbase account is “disabled” and that you have to unlock it via a button in the email.

The button actually contains a phishing link. If you fall for the scam and click it, you will be taken to a fake Coinbase login page and asked to enter login credentials. Scammers will then record the sensitive information and use it to take over your account. Don’t let them!

Coinbase phishing email. Source: Reddit

COVID-19 Relief Phishing Scams

Recently we have detected many COVID-19 relief or fund scams. Scammers pose as famous companies or government agencies and send text messages with phishing links, prompting you to apply for some COVID relief program and claim stimulus funds via the links.

If you fall for it and do so, you will be taken to a web page where you have to enter personal information. Scammers then collect all your sensitive data and use it for identity theft.

Here are a few examples:

1. Posing as Walmart

Content

you have been qualified for a direct deposit of $1800 from walmart pandemic relief program, claim here: https[:]//covid-19walmartfund[.]com

Walmart Foundation Pandemic Relief Funds Walmart and the Walmart Foundation generally provide more than $1 billion in cash and in-kind to support programs that align with our philanthropic priorities. We focus on areas where we can do the most good – combining the unique strengths of the business alongside our philanthropy. Our ability to draw on Walmart business strengths, providing more than just funding, helps our philanthropy to deliver greater societal impact. Today. Walmart.org. through the combined philanthropic efforts of both Walmart and the Walmart Foundation, creates opportunities for people to live better every day. We are working to assist individuals and small businesses that have been impacted by the Coronavirus (COVID-19). The ongoing evolution of the pandemic is prompting officials and corporations to provide emergency assistance and funding to help out individuals and small businesses who are experiencing

2. Posing as federal government

  • American Rescue Plan
    US COVID-19 relief bonus”. This site ask user to provide some sensitive information like SSN, picture of your State ID/Driver’s License/International Passport URL: https [:] //mybenefit4you[ . ]com/9

Remember, the payment of American Rescue Plan will be delivered to families in need automatically. Do not let scammers collect your personal information!

  • Government pandemic extra stimulus bonus
    Content
    us department of state extra stimulus: get your covid-19 relief fund of $1,400 per-week for the next 26 weeks. for more details, please visit: https[:]//www.vistaloan [. ]cc/ index.php/covid-relief/

GOVERNMENT PANDEMIC EXTRA STIMULUS BONUS APPLY FOR YOUR COVID PANDEMIC RELIEF EXTRA BONUS NOW!!! This is on opportunity for you to be among the people who will benefit from pandemic relief bonus set up by the federal government, if you’re been affected one way or the other with the outbreak of corona which has more effect on our economy and citizen source of livelihood, this is a scheme set up by FG to ease and help you each citizen with a sum of $1400 every weeks as pandemic relief bonus. You don’t have to leave the comfort of your home

Amazon Online Survey Scams

Amazon survey scams via text messages are still on-trend. Scammers send text messages with phishing links and prompt you to click on them using various excuses. Here are some examples we have observed this week. Look familiar? Yeah, that’s because we have written about them several times:

  • Out For Delivery: Credit Card – Amazon Pay ICICI Bank Credit Card for ICICI Bank Account XX0001 is out for delivery today through Blue Dart Courier, AWB 38509050904. Track status at <URL>
  • Get Amazon voucher worth INR 1000 on opening an online Citibank Suvidha Salary Account. <URL>
  • Delivered: Your Amazon package with 101 CREATIVE STAY AT HOME IDEAS: Mix a Lychee moc… and 2 other items was delivered. More info at <URL>
  • Amazon: Congratulations Dan, you came in 1st in March’s Amazon pods raffle! Follow the link to : <URL>
  • Good day Julie, we sent you an email regarding your Amazon Rewards. Here is what you can buy with it: <URL>

Once you click on the phishing link, you will be taken to an online survey page and asked to enter sensitive personal information in the end, such as banking details. Scammers will use the data you provide to steal your money as well as your identity!

Streaming Service All-in-one Smishing Attack

1-year subscription to all online streaming video services including Netflix, HBO, Disney Plus or Amazon Prime, for FREE? That sounds too-good-to-be-true. We have written about Netflix free subscription scams, and now the same phishing messages evolve to an “all-in-one” package:

You have Netflix, HBO, Disney Plus or Amazon Prime Subscription? We have combined them ALL IN ONE and you get a FREE YEAR <URL>

If you take the bait and click on the phishing link, you will be taken to a page with a set of discount code. And then the web page asks you to select a plan you want.

Then, you have to create an account to enjoy the streaming service. By clicking Continue, you will be taken to another web page and asked to enter personal information, including credit card number, expiration date, and CVC code. The credentials you enter will end up in scammers’ hands, and they will use it for identity theft.

How to protect yourself?

  • Double-check the sender’s mobile number/email address.
  • Reach out to the official website or customer support directly for help.
  • NEVER click links or attachments from unknown sources. Use Trend Micro Check to detect scams with ease!

Send a link or a screenshot of suspicious text messages to Trend Micro Check on WhatsApp for immediate scam detection:

Trend Micro Check is also available as a Chrome extension. It will block dangerous sites for you automatically:

Trend Micro Check blocks dangerous sites for you automatically.

Did you successfully spot the scams? Remember, always CHECK before your next move. If you found this article helpful, please SHARE to protect your family and friends!

Click on the button below to try Trend Micro Check for free now:

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Popular Stories

As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu

So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking.  If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller.  The condition of the item was misrepresented on the product page. This could be the