Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Woolworths 'Customer Satisfaction Survey' Phishing Scam

Outline
Email purporting to be a "Customer Satisfaction Survey" from Australian supermarket chain, Woolworths claims that the recipient can receive a $50 gift certificate just for clicking a link and participating in a short 5 question survey. An alternative version claims that those who participate in the survey can have $150 transferred into their nominated bank account.

Survey Scam

© Depositphotos.com/alexmillos



Brief Analysis
The email is not from Woolworths and the claim that recipients will be given gift certificates or cash for filling in a survey is untrue. In fact, the message is a phishing scam designed to trick recipients into divulging sensitive personal and financial information to Internet criminals.

Examples

Customer Satisfaction Survey! Win 150$

Congratulations!

You have been selected by Woolworths Online Department to take part in our quick and easy reward survey. In return we will credit $150 to your account - Just for your time!

Helping us better understand how our members feel, benefits everyone.

With the information collected we can decide to direct a number of changes to improve and expand our services. The information you provide us is all non-sensitive and anonymous. No part of it is handed down to any third party groups. It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey.

To access the form, please click on the link below :

[Link Removed]


Woolworths Survey Phishing Scam


Subject: Customer Satisfaction Survey

You have been selected to access the Woolworths 5 questions Survey and win a $50.00 gift certificate.

Please click here and complete the form to receive your reward. Thank you.

This is an automated message. Please do not reply.
Message Id: 0019268154-wmrtsrv.
WCHVIJOWNPBHSEDFHPDZDWPQFCOGXGYKLORDFG


Detailed Analysis
This email, which claims to be from large Australian supermarket chain Woolworths informs recipients that they can receive a gift certificate worth $50 just for filling in a 5 question survey. A variant of the message claims that users can have $150 deposited into their accounts in exchange for filling in the survey. Users are invited to click a link in the message to complete the survey and claim their gift certificate or cash reward.

However, the message is not from Woolworths and those who participate will certainly not receive any reward. Those who are taken in by the trick and click the link in the email will be taken to a bogus survey page as shown in the following screenshot:


Woolworths Survey Phishing Scam

The fraudulent website starts off by asking respondents some generic questions about their satisfaction with Woolworths services. But this supposed customer survey is just the smoke screen designed to fool participants into providing their personal and financial details, ostensibly so that they can be credited with their reward. The second part of the scam page asks for name and address details as well as ID information such as drivers license and Medicare numbers. It then asks users to submit credit card details, including the card's CVV.

All of this personal and financial information will be sent to the criminals running this scam campaign and may subsequently be used to commit identity theft and credit card fraud.

Such survey based phishing scams are quite common and have targeted customers of various other high profile companies around the world including, McDonald's, Coca Cola and Westpac. Companies may sometimes conduct customer surveys that offer rewards to participants such as the chance to go in the draw for a prize. In some cases, participants may receive small fees or other types of minor rewards for offering their opinions and feedback to companies. However, companies are extremely unlikely to pay a substantial cash reward for each and every customer willing to fill in an inconsequential survey consisting of just a few generic questions. Nor would any legitimate company expect customers to provide sensitive personal and financial details via an unsecure web form.

Be very cautious of any unsolicited email or text message that claims that you can receive a prize or reward just for participating in a brief survey. If you receive such a message, do not follow any links that it contains. Some versions may package the bogus survey form as an email attachment, so do not open any attachments that such messages contain. Facebook users are also continually targeted in similar types of scams that offer valuable ( but non-existent) prizes as bait for survey participants.

Bookmark and Share

Last updated: October 22, 2013
First published: August 29, 2012
By Brett M. Christensen
About Hoax-Slayer

References
McDonald's Survey Phishing Scam Email
Coca Cola Survey Phishing Scam
Westpac 'Quick Survey' Phishing Scam
Difference Between http and https
Facebook Survey Scams