Woolworths 'Customer Satisfaction Survey' Phishing Scam
OutlineEmail purporting to be a "Customer Satisfaction Survey" from Australian supermarket chain, Woolworths claims that the recipient can receive a $50 gift certificate just for clicking a link and participating in a short 5 question survey. An alternative version claims that those who participate in the survey can have $150 transferred into their nominated bank account.
Brief AnalysisThe email is not from Woolworths and the claim that recipients will be given gift certificates or cash for filling in a survey is untrue. In fact, the message is a phishing scam designed to trick recipients into divulging sensitive personal and financial information to Internet criminals.
Scroll down to read a detailed analysis with references.
Woolworths Customer Satisfaction Survey
Here's how you can win $150
You have been chosen as a subject in our customer satisfaction survey. If you take the time to tell us what you think of our services and how we can improve them, we'll give you $150. If you choose to take the survey please answer the question truthfully thus reflecting your true oppinions. All data collected in the survey is confidential and will only be used for the purpose of improving our services.
Go to the survey.
The $150 reward will be deposited on your account.
Customer Satisfaction Survey! Win 150$
You have been selected by Woolworths Online Department to take part in our quick and easy reward survey. In return we will credit $150 to your account - Just for your time!
Helping us better understand how our members feel, benefits everyone.
With the information collected we can decide to direct a number of changes to improve and expand our services. The information you provide us is all non-sensitive and anonymous. No part of it is handed down to any third party groups. It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey.
To access the form, please click on the link below :
Subject: Customer Satisfaction Survey
You have been selected to access the Woolworths 5 questions Survey and win a $50.00 gift certificate.
Please click here and complete the form to receive your reward. Thank you.
This is an automated message. Please do not reply.
Message Id: 0019268154-wmrtsrv.
This email, which claims to be from large Australian supermarket chain Woolworths informs recipients that they can receive a gift certificate worth $50 just for filling in a 5 question survey. A variant of the message claims that users can have $150 deposited into their accounts in exchange for filling in the survey. Users are invited to click a link in the message to complete the survey and claim their gift certificate or cash reward.
However, the message is not from Woolworths and those who participate will certainly not receive any reward. Those who are taken in by the trick and click the link in the email will be taken to a bogus survey page (See Screenshot below).
The fraudulent website starts off by asking respondents some generic questions about their satisfaction with Woolworths services. But this supposed customer survey is just the smoke screen designed to fool participants into providing their personal and financial details, ostensibly so that they can be credited with their reward. The second part of the scam page asks for name and address details as well as ID information. It then asks users to submit credit card details, including the card's CVV.
All of this personal and financial information will be sent to the criminals running this scam campaign and may subsequently be used to commit identity theft and credit card fraud.
Such survey based phishing scams are quite common and have targeted customers of various other high profile companies around the world including, McDonald's, Coca Cola and Westpac. Companies may sometimes conduct customer surveys that offer rewards to participants such as the chance to go in the draw for a prize. In some cases, participants may receive small fees or other types of minor rewards for offering their opinions and feedback to companies. However, companies are extremely unlikely to pay a substantial cash reward for each and every customer willing to fill in an inconsequential survey consisting of just a few generic questions. Nor would any legitimate company expect customers to provide sensitive personal and financial details via an unsecure web form.
Be very cautious of any unsolicited email or text message that claims that you can receive a prize or reward just for participating in a brief survey. If you receive such a message, do not follow any links that it contains. Some versions may package the bogus survey form as an email attachment, so do not open any attachments that such messages contain. Facebook users are also continually targeted in similar types of scams that offer valuable ( but non-existent) prizes as bait for survey participants.
Last updated: September 25, 2014
First published: August 29, 2012
By Brett M. Christensen