mouseprint: fine print of advertising
Go to Homepage

Subscribe to free weekly newsletter

Mouse Print*
is a service of
Consumer World
Follow us both on Twitter:

Updated every Monday!   Subscribe to free weekly newsletter.

November 28, 2014

New Scam Emails Fake Order Confirmations to Shoppers

Filed under: Internet,Retail — Edgar (aka MrConsumer) @ 10:48 am

 (Boston) — Shoppers’ email inboxes have just started being flooded with a timely and potentially dangerous scam. Cybercrooks are sending out authentic-looking purchase confirmation emails that appear to be from Walmart, Target, and Costco, among others, to lure unsuspecting shoppers to their fake websites.



Upon clicking the link for more information about their supposed order, consumers are taken to a foreign website where a malware-infested .zip file is automatically downloaded to their computer.

“This is the perfect crime at the perfect time,” commented Consumer World founder Edgar Dworsky. “Shoppers are busy placing orders between Black Friday and Cyber Monday, so they would naturally expect to find these confirmations in their inbox. And even if they didn’t place an order with the particular retailer, they may believe that a mistake may have taken place and want to see the details.”

The subject line of the suspect emails typically says “Thank you for buying from (retailer name).”

Consumers who click the link in these emails are taken to various foreign websites hosted at these domains: (Walmart email), (Target email), and (Costco email).

Consumer World recommends that shoppers hover their mouse over any link in a purchase confirmation email and note the exact website they will be taken to before they actually click it. The website address should be displayed either in a bubble above the link or in the status line of the email program.

Here are sample purchase confirmation emails that are made to appear to be from Target and Costco, claiming that the customer’s order is ready for pickup:



Share this story:

• • •


  1. These kinds of emails sound like they can be rather convincing. Lucky for me I check both the email address and the url I am about to click on before moving forward. Sometimes I might be careless because I was expecting an email, but for the most part it’s always a good idea to check the sender and the link before moving forward.

    Comment by Wayne R — November 28, 2014 @ 11:03 am
  2. Hovering over urls in email is not reliable. Some urls are very difficult to verify, even for experts.

    And to make matters worse, even if the domain part of the url is legit, the resource the email link points to could be a deep-linked page that’s been altered.

    Furthermore, even a seemingly legit url could cause trouble, if it links to a flawed script, such as a url redirecter that doesn’t validate parameters.

    Email alone should never be trusted. A better, safer way is for one to directly navigate to the e-commerce website; typing in its web address, and then log in to check order status, etc.

    Comment by Ron Bennett — November 30, 2014 @ 9:06 pm
  3. I received one from “” on Friday. Almost suckered me in as I had just placed an order from Costco. Date and time stamp were identical with the official Costco email. I used the hover method to discover that the email was bogus.

    Comment by Doug Mitchell — December 1, 2014 @ 7:58 am
  4. Sneaky… Sneaky… Sneaky… They will do anything to get your data.

    Comment by richard — December 1, 2014 @ 1:39 pm
  5. Another clue in such emails is often poor grammar, or oddly worded phrases: ”personal data of the recipient coincide with yours” is perfectly good English, but it sounds rather odd to me.

    In addition to hovering over a link, you can often copy the link. Then when you paste it into your browser you can see where it will take you. Best advice is to never click a link in email unless you are absolutely sure it is legit (which is extremely rare).

    Comment by George Clark — December 1, 2014 @ 2:41 pm
  6. I just received a similar email that was supposedly from Best Buy. They are no longer using a link, but sending the zip file as an attachment. The order number is suspicious in itself as Best Buy uses the following format: BBY01-1234567890. Guess too few of us were clicking the link…

    From: Best Buy ;

    E-shop Best Buy has received an order addressed to you which has to be confirmed by the recipient within 4 days.
    Upon confirmation you may pick it in any nearest store of Best Buy.

    Detailed order information is attached to the letter.

    Wishing you Happy Thanksgiving!

    Best Buy

    Comment by Jeremy — December 4, 2014 @ 8:33 am
  7. I just received one from Costco , I was curious and I clicked check details, and there was nothing, should I be worried and what can I do? Help anyone!

    Edgar replies: Marcy, it downloaded a file automatically most likely to your downloads folder. Delete it but don’t click to open it. You should also run malwarebytes and other anti-virus/anti-malware software right away.

    Comment by marcy — December 19, 2014 @ 3:03 pm

Comments RSS

Sorry, the comment form is closed at this time.

Powered by: WordPressPrivacy Policy
Mouse Print exposes the strings and catches buried in the fine print of advertising.
Copyright © 2006-2020. All rights reserved. Advertisements are copyrighted by their respective owners.