DealsDirect Phishing Scam

Outline
Emails purporting to be from Australian online store DealsDirect supposedly offer gift vouchers or heavily discounted products and entice recipients to click links in the emails to take advantage of these offers.



Brief Analysis
The emails are not from DealsDirect. The messages are phishing scams designed to trick recipients into visiting a bogus webpage and entering their DealsDirect login details. If you receive one of these bogus DealsDirect "offer" emails, do not click on any links or open any attachments that they may contain.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:

Last updated: October 17, 2012
First published: October 17, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Example

Detailed Analysis
This email, which purports to be from popular Australian online store, DealsDirect, claims that recipients can purchase an iPhone for only $50 by clicking a link in the message. Another version claims that recipients can follow a link to receive a DealsDirect gift voucher valued at $100.

The messages are not genuine DealsDirect offers and they do not originate with the company. In fact, the messages are phishing scams designed to trick recipients into divulging their DealsDirect account login details to cybercriminals. Those who fall for the scam and follow links in the messages will be taken to a fake login page created to resemble a genuine DealsDirect web page. They may also be asked to provide further personal and financial information via bogus web forms that might later be used for credit card fraud and identity theft. Login credentials entered into the fake site can be collected by scammers and subsequently used to access the victim's real DealsDirect account. Once they have hijacked these accounts, criminals can then use them to conduct fraudulent transactions in the names of their victims.

DealsDirect has warned users about these phishing attempts via posts on Facebook, Twitter and via an email sent to customers. Be cautious of any email claiming to be from DealsDirect that claims that you can receive a gift or redeem an offer by following a link in the message. Before logging in, always ensure that you are on the genuine DealsDirect website (www.dealsdirect.com.au) and not another unrelated, "look-a-like" site with a different web address. The safest method is to login to your online accounts by entering the account web address into your browser address bar rather than by clicking a link in an email.





References
Phishing Scams - Anti-Phishing Information
DealsDirect Facebook
DealsDirect Twitter
DealsDirect Scam Alert

---

Pages in this issue:

1. Spiderman Window Cleaners Picture
2. Post Circulating Rekindles a 1990's Anti-Margarine Email
3. Rey Mysterio is NOT Dead
4. UN Observers at USA Polls Protest Message
5. Urban Legend - NASA Scientists Discover Biblical 'Missing Day'
6. Windows Email Security Update Phishing Scam
7. Does a Circulating Image Show A Rapist Coach Slashed by a Protective Mother?
8. Hoax - 400 Marine Corps Dogs Need Homes
9. Skype 'lol is this your new profile pic' Ransomware Warnings
10. 'News Report' Claims Gonorrhea Spread Through Air
11. DealsDirect Phishing Scam
12. Facebook 'Blocked Account' Scam Email
13. Bank of Queensland 'Security Message' Phishing Scam
14. LinkedIn 'Invitation to Connect' Malware Emails
15. Lloyds TSB 'Internet Banking Account Status' Phishing Scam
16. NASA JPL Twitter Account Retweets Anti-Romney Material