Updated every Monday!   Subscribe to free weekly newsletter.

New Scam Emails Fake Order Confirmations to Shoppers

 (Boston) — Shoppers’ email inboxes have just started being flooded with a timely and potentially dangerous scam. Cybercrooks are sending out authentic-looking purchase confirmation emails that appear to be from Walmart, Target, and Costco, among others, to lure unsuspecting shoppers to their fake websites.

walmartscam

*MOUSE PRINT:

Upon clicking the link for more information about their supposed order, consumers are taken to a foreign website where a malware-infested .zip file is automatically downloaded to their computer.

“This is the perfect crime at the perfect time,” commented Consumer World founder Edgar Dworsky. “Shoppers are busy placing orders between Black Friday and Cyber Monday, so they would naturally expect to find these confirmations in their inbox. And even if they didn’t place an order with the particular retailer, they may believe that a mistake may have taken place and want to see the details.”

The subject line of the suspect emails typically says “Thank you for buying from (retailer name).”

Consumers who click the link in these emails are taken to various foreign websites hosted at these domains: alchem-asia.com (Walmart email), test.vcalink.be (Target email), and bwanatembosafaricamp.com (Costco email).

Consumer World recommends that shoppers hover their mouse over any link in a purchase confirmation email and note the exact website they will be taken to before they actually click it. The website address should be displayed either in a bubble above the link or in the status line of the email program.

Here are sample purchase confirmation emails that are made to appear to be from Target and Costco, claiming that the customer’s order is ready for pickup:

Target

Costco

Share this story:

 

ADV
Updated every Monday!   Subscribe to free weekly newsletter.

How Many One-A-Day Vitamins is Right to Take?

 I know, what a dumb question. That’s like asking how many musketeers were in the three musketeers.

JCD, a regular Mouse Print* reader, brought up the issue in the context of One-A-Day vitamins.

One-A-Day

One would expect that you take one per day, right?

*MOUSE PRINT:

One-A-Day back

Nope… you have to take two.

You have to wonder how many people under-dosed on these vitamins because they reasonably assumed that the whole point of One-A-Day is to take one per day. Even at that, you are still not getting 100% of the daily requirement of some of the vitamins in the product.

Bottom line: don’t assume.

Share this story:

 

ADV
Updated every Monday!   Subscribe to free weekly newsletter.

Holy Ship, Toys-R-Us Changed the Delivery Address of my Order

  As we all begin our holiday shopping online, this word of caution: scrutinize everything on the screen, fine print or not, before finalizing your order. If not, you may be in store for an unexpected surprise.

Last week, MrConsumer decided to send a toy to a friend, Jami, in Colorado for her kids. Toys-R-Us had a crazy low price for an electronic version of Scrabble, so he proceeded to order it at their website. Here’s the shopping cart showing the item:

Cart

Since this order qualified for free two-day shipping through Shoprunner (hint: AMEX cardholders should sign up for a free account good at many retailers), MrConsumer clicked the Shoprunner button and entered the Colorado address that the toy should be shipped to.

shoprunner screen

Not wanting this purchase to go on his American Express card, MrConsumer dismissed that screen and clicked the regular checkout button knowing that free shipping would still apply even entering a different credit card number.

The final checkout screen all seemed to be in order with the gift going to Jami, so he clicked the submit order button.

A few days later, FEDEX sent a notification that the gift had been delivered. Checking with Jami, she said she never received it. Did someone steal it from her doorstep?

Checking back at the FEDEX site, there was a notation that the package was left on a porch in LINCOLN, NEBRASKA! What??? Lincoln is where Jami used to live. Could MrConsumer have been so absent-minded as to erroneously list her old address on the ToysRUs.com order?

Going back to retrace his steps on the Toys-R-Us website, MrConsumer created a test order for the same toy. And just as depicted above, when clicking the Shoprunner button, the Colorado address automatically appeared. However, when clicking the regular checkout button, it appears that Toys-R-Us changed the address to Lincoln, Nebraska because that is the address it had stored from previous orders.

*MOUSE PRINT:

Toys R Us

MrConsumer called Toys-R-Us and walked the agent through all the steps above so she could see the glitch in the system. They generously provided a merchandise credit, and said they would forward this issue to their tech people.

The lesson here is that you have to scrutinize every Internet order, big print and small print alike, before hitting the submit button. Is it the right item? Is the order for only one item and not two by mistake? Did all coupon codes get accepted and deducted? And surprisingly, is it going to the right place?

Share this story:

 

ADV