NBC News reported yesterday about a fake coupon being offered on Facebook from Bed Bath & Beyond for Mother’s Day.
It’s a phishing scheme, in which your private information – such as Social Security number and credit card information – are requested. But the coupon offer is nothing more than an attempt at identity theft.
BBB isn’t the only retailer reporting fake coupons/ID theft attempts for Mother’s Day, which is celebrated Sunday.
This year, consumers are expected to spend nearly $24 billion on Mother’s Day, buying flowers, cards, candy, etc.
And that compares to the $15 billion that will be spent on Father’s Day.
AARP has a list of common Mother’s Day cons (which also apply to graduations and Father’s Day, with slight tweaks:
• FLORAL FLEECING. At least $2 billion is spent on Mother’s Day flowers. Scammers angle for their cut by posing as online florists and in emails, online ads and social media, they promise bargain-priced bouquets, “free” vouchers and overly generous coupons. Don’t be fooled: Most lead to scammer-run websites to collect (your and Mom’s) personal information and your credit card account. Some also deliver malware.
Find reputable florists (close to Mom) through word of mouth or via directories from Teleflora and FTD. Online, look for proof the website is secure — including an “https” opening on pages that require personal and financial information. When calling, ask about tack-on charges and insist on guaranteed refunds for missed or late delivery or if flowers come in poor condition.
• OTHER GIFT GRIFT. One of the latest Mother’s Day gift scam making the rounds on Facebook alleges to be a $50 coupon from Lowe’s. If Mom’s wish list leans more toward jewelry, designer clothing or the like, the same flower-wise rules apply: Those insanely discounted online deals for brand-name bounty often lead to copycat websites that capitalize on high-priced and respected names, but sell cheap counterfeits … if anything at all. Like phony florists, many are also fraudster-run fronts phishing for personal and financial information.
To spot trouble before it can happen, very carefully read website addresses before visiting — and especially before “buying” there. Look for extra or missing letters (like www.tiffanny.com) or even punctuation (such as www.tiffanyco.mn, a now-defunct site previously exposed by Scam Alert whose .mn ending meant it was a Mongolia-registered website). Before clicking, hover your computer mouse over the link to see its “real” address; avoid those that wildly deviate from the legit company name. If that doesn’t work, copy and paste the link into a Word document, then right-click on the pasted link and select “Edit Hyperlink” from the menu for a pop-up window that should display, in the “Address” field, the web address to which the link directs. When buying jewelry in-store, know what you’re buying with this advice from the FTC and how to spot fake appraisals.
• GREETINGS GOTCHAS. Fake notifications for electronic greeting cards are a common way to spread malware to the computers of mothers (and others) so scammers get remote access to files, passwords and online financial accounts. Scammers trick their prey with emails that promise an awaiting greeting card, usually from a bogus “sender” with a supposed title like “firstname.lastname@example.org” or touting a generic heading such as “Happy Mother’s Day from Your Loving Son/Daughter.” But even if a specific name is used (namely, yours), it could have been gleaned from online directories or social media.
So, instruct would-be recipients to not open greeting cards via links in emails. Legitimate notices will include a confirmation code that should be entered at the card company’s website, such as Hallmark or American Greetings, for malware-free viewing. If there’s no waiting for you, the email Mom got was sent by a scammer.
• COURIER CONS. Another way to spread malware: Bogus shipping emails claiming to be from retailers or services such as FedEx, UPS or the U.S. Postal Service that claim a supposed scheduled delivery, tracking update or shipment snafu — with a link promising details. Unless you or recipients already provided the courier with an email address, assume these are scams. If you signed up for tracking updates, expect them to be in text form, not with links promising details.
Also beware of mailed postcards about “undeliverable” packages. Although less used because of required postage, they’re sometimes an attempt to get you to make an expensive overseas phone call — most commonly used area codes include 809, 876 and 284 — or to reveal personal and financial information. And if someone shows up at Mom’s doorstep with a package and request for payment, no matter how small, know this ruse: The deliveryman claims he can’t accept cash — only a credit card — and it’s a scheme that can run up unauthorized charges on the provided plastic. Besides, what self-respecting offspring would send Mom a gift by cash on delivery (COD)?
• GIFT CARD SCAMS. Whenever choosing that most requested present of all — gift cards — choose wisely: In-store, thieves can remove gift cards from end-cap racks, copy codes with portable scanners or pen and paper, and then dial toll-free numbers listed on gift cards to learn when those cards were activated and their value for online spending or to cloned cards for in-store use. The safer move: Purchase gift cards directly from a store cashier, customer service counter or the company’s website. And make sure that the cashier scans and activates the card in your presence and that you get a receipt in case there’s a problem.
Online, buy directly from websites of retailers, restaurants or Groupon, or through gift-card exchanges such as GiftCardGranny.com, Cardpool.com and Raise.com, which buy unused cards at a discount of their face value and resell them at a profit but at a still-reduced price. Avoid lowball offers on Craigslist or auction websites like eBay, where buyers may purchase already-redeemed gift cards or pay for cards that are never delivered.