Get Paid to be an Amazon Product Tester! — The title of our top story is a lie! Amazon DOES NOT PAY people to test and review products. However, Amazon does have a special program called “Amazon Vine” that is an INVITATION only program. Participants who are invited by Amazon, and accept, are not paid but they get to keep the merchandise they review. A few weeks ago, CBS Channel 4 INDY station WTTV in Indianapolis posted this news story about fake websites pretending to invite and pay people to be “Amazon product testers.” Our friend Rob saw this story, which included a list of several scam websites involved in this fraud, and immediately signed up with one of these bogus sites hoping to get paid to be an Amazon product tester! We DO NOT recommend that you try this! But Rob is a curious and brave anti-scam fighter. He visited the scam website testproductsnow[.]com and signed up! Read on as we explain the rabbit hole that Rob willingly jumped into and what this scam was all about!
Immediately after entering TestProductsNow[.]com and hitting return, Rob’s browser was redirected to a different website called RewardsGiantUSA[.]com and presented with a wonderful offer! It’s important to note that testproductsnow[.]com was registered in Canada on April 20, 2023 And according to the WHOIS report we saw, it used to have a top page that said “Become an Amazon Product Tester” and included an Amazon logo. RewardsGiantUSA[.]com is much older and was registered in February, 2021.
Also on the top page of RewardsGiantUSA[.]com were details stating “you can typically complete all of the required sponsored Deals within 5-7 days (some may take up to 60 days to complete.) Once you complete the required number of Deals, you must complete the Reward claims process, which requires ID verification.” And also it said “On average, customers who received a Reward did so within 6-10 days of registration.” Rob was eager to sign up! He told us it was a lengthy form, and he happily provided fictitious information, after which he was again redirected to a third website, called Reward4Spot[.]com, when he clicked submit. (This site was first registered in 2018!) After entering some additional nonsense he was redirected yet again to a fourth website, called GetMyRewards[.]com. (This site was registered on January 10, 2023.) In all, Rob says that he answered between 50-60 questions from these sites. Of course, these sites asked for a LOT of personal information which is the risky part of this threat! This appears to be a phishing scam, gathering LOTS of your personal information! (But it is also likely a financial theft, as you’ll see.) But, perhaps oddly, these sites also asked questions about Rob’s family, his income/work, his music preferences, insurance, personal habits and on and on. (To us, it feels that someone could easily steal your identity with all of that information.)
Rob finally gave up his pursuit when he was informed that he had to sign up with one of six more websites if he wanted to collect his $1000 reward. He never received any monetary reward and, he tells us, he never saw any other indication that he was applying to be an Amazon product tester! When we asked online security services to evaluate these websites, we were shocked by how many reported testproductsnow[.]com as malicious, including finding malware on this website!
Though all the other websites involved were not found to be malicious by Virustotal, one security service found reward4spot[.]com to be suspicious about a month ago.
It’s important to note that on November 18, 2023 we found 26 reviews about Reward4Spot[.]com on TrustPilot.com, and the majority of them were very poor. However, there were four 5-star reviews of this site that, in our opinion, were bizarre and seemed illegitimate. For example, a review posted on November 1, 2023 said “Yes l am doing great, our conversation exactly awesome looking forward to get my cash if u guys serious.” Sounds to us like someone may have been promised cash if, and only if, he posted a 5-star review! (Remember, a promise of a cash reward is dangled at the start of this lure BUT it doesn’t mean that your reward will be cash. It could be something that the site claims is valued at the amount shown. That could be another part of this scam! E.g. this product is valued at $200 when, in fact, it costs only $35) Here’s another screenshot taken from RewardsGiantUSA[.]com
Following that screenshot, the website states “Customers who received a $500 reward only spent around $23, while those who received $1000 spent about $68.” Hmmmm….so you have to spend your own money to make money? We didn’t like the sound of this “promise.” Some of these rewards concerned games and apps. This fact aligns with some of the 5-star and poor reviews we saw on Trustpilot.com. But in his quest to become an “Amazon product tester” and be paid to test products, Rob leap-frogged across 4 different websites and only stopped when it was apparent that he would have to invest a lot more time and go even deeper down this rabbit hole than he was prepared to do, including buying things online. We wondered who might be responsible for this leap-frog of questionable (or malicious) websites, promises and poor reviews. We didn’t have to look far. At the very bottom of these websites was the following company listed in very small print: RewardZone USA, LLC. When we asked the Better Business Bureau about this company, we weren’t the least bit surprised to find a “red alert” and C- rating based on their practices, many negative reviews, and a lack of responsiveness to complaints about them. In fact, on November 19, the BBB.org website said that they have so many complaints against this sleazy company that they are only publishing 1 out of every 5 complaints!
Rob’s curious journey began when he read two articles about scams offering to pay people to become Amazon product testers. One was on MalwareTips.com and the other was a link on ConsumerWorld.org pointing to the CBS Channel 4 INDY station video about this scam. The scam appears to be both about collecting payments/fees from consumers for test products on this bogus job, as well the loss of your personal information which can be monetized in a variety of ways including identity theft or for sale on the dark web. The article posted on MalwareTips.com does a good job of revealing how these scammers make their money and what you can do to put a tourniquet on your wound to stop bleeding out. There is also another interesting article on Reviewopedia.com about the company, RewardZone USA, LLC, the company that is shown to be behind this fraud on these websites. The article actually includes several 5-star reviews for this company by people claiming to have received their $1000 reward! We found an interesting August 6, 2020 post by “Kid T” when he said “I just got my $1000.00 gift card from this company. I was worried about some of the bad reviews I saw but I got mine. I continued to check my email because they give you 15 day to email over your paperwork (ID, utility bill and a notarized form. Then they will send you your gift card in your email.” We do NOT recommend sending your personal ID, copy of a utility bill and a notarized form with your signature to ANY sleazy business across the Internet!
How to Check If a Website is Legit or Not — Do you know how to check if a website is legit and safe to visit? Here’s the full guide. Check out and protect yourself with this 100% FREE, all-in-one tool.
The Week in Review: Warning About Increased Threats, Your Order for 20 Pizzas and More — If you have a Facebook account, DO NOT click on a message shared by a friend that says “I can’t believe he is gone, I’m gonna miss him so much” and typically followed by 1-3 emojis. This scam post is followed by an image of a serious car accident with a YouTube icon over it as if it leads to a YouTube video. It is a phishing scam that is going viral on Facebook. (More to come on this next week! If you have clicked it, change your FB password immediately!) We also have seen a significant increase in several types of threats in the last week. For example, phishing scams are increasing significantly in number, as reported by our readers! Also, and perhaps not coincidentally as we approach the Christmas holiday gift season, we’re seeing a rise in fake merchandise/gift sites, offers and ads. (We’re working on a few stories for upcoming newsletters about these bogus sites.) Please be on your guard when making purchases online, especially if it is a sale you see on social media platforms such as Instagram and Facebook! (A specialist who focuses on fake advertising and “malvertising” told us recently that these social media platforms are horrific at protecting consumers from these bogus ads!) Here’s a simple email sample for “huge discounts” on Louis Vuitton bags that we opened in our “sandbox.” Our safe opening prevented the graphics from loading and prevented the email from pulling in any other content, including tracker images. Every graphic and link pointed to a VERY malicious website in Russia. Virustotal told us that 9 security services identified this site as nasty, including malware lying in wait!
If you are looking at ads and promotions that land in your email inbox, here’s a reminder of the primary reasons that an email is legitimate. Our example is an email sent to one of our readers by the United States Social Security Administration…
Last Tuesday, November 14, one of our family members received a very odd phone call. A man called to say he was from a local pizza place and the telephone number ID also matched the number from this local pizza shop. The caller said that they were having a hard time finding his house with their delivery of 20 pizzas, 4 bottles of soda and chips. It was 11:45 AM. Here’s how the conversation went…
The young man said “I didn’t order any pizzas so I’m sorry I can’t help you.”
The man on the phone replied with “well you’re going to have to settle up with me.”
The young man’s response was “I’m not going to settle up and I’m sorry for the error.”
But then the delivery guy said “what’s your address and I’ll drop the pizza order off.”
To which the reply was “I’m not giving you my address.”
But then the scammer surprisingly said “I’m right outside, I just need to confirm.”
Again, and more firmly, the young man said “I’m not giving you my address and I’m not settling up with you. Goodbye!” and he hung up. Then the young man pushed redial on his phone. After a couple of rings a man picked up and said “[NAME REDACTED] pizza!” The young man asked to speak to the manager. He picked up the phone and said “how can I help you.” The young man explained what had just happened to him, and how he was told to “settle up” and his response to hang up. The manager said they had just opened five minutes earlier, and that they had no orders yet that day. The young man said, “that’s crazy because I just hit redial and this is the number that called me.” This scam is a perfect example of caller ID spoofing. Deception is remarkably easy in the digital world. End of story.
On November 9, Rob received a “spam call” and immediately turned on his AI machine to speak with the caller. “Eric from Accidental Claim Help Line” was calling to inquire if Rob had been involved in an auto accident! The robo caller’s AI person is speaking perfect English, as you would expect an American to sound like. But once the scammer’s AI turns the call over to a “live agent” you can hear in this 80 second call that the agent has an Indian accent! He hangs up on Rob’s AI shortly after realizing he’s getting nowhere with it! (This blog post on Hiya.com is about these types of scam calls. They believe scammers are trying to gather personal information on people.)
Accidental Claim Help Line call
There are several recent articles in the media that may interest our readers. They are about a variety of scams, including the horrific impact on children, teachers and a community when hoax calls say there is a shooter at a school! You might be surprised by the significant increase in these “swatting” calls and the emotional harm they cause. You may also be surprised to learn that digital breadcrumbs suggest that many of these calls originate outside the US!
Hoax School Shooting: Inside America’s Epidemic (10 min. video posted on YouTube by The Economist on Nov. 13)
A UK Reporter details various scams – including those “enslaved” to run romance scams for criminal gangs (This scam, along with many others, was detailed in an hour-long documentary that aired last month on the BBC about a young man whose identity was stolen and used by scammers.)
According to a security firm, Email Phishing attacks are up more than 1200% since ChatGPT launched! (Oct. 30 post on Decrypt.co)
Virtual Credit Card fraud scam – new twist to an old credit card scam reinvented (Oct. 30 post on SecurityIntelligence.com)
Have you heard of “skimmers” used to defraud people in legitimate businesses? This Boston local news channel reported that many well-known supermarkets in two US states were found to have skimmers placed in self-check lines! This article includes a tip on how to recognize if you’re looking at a skimmer!
Phishing Tricks Revealed, UK TV License and Amazon Prime! — Our first rotten phish is a perfect example to show you the tricks typically used by phishermen in their effort to collect your login credentials to whatever account they spoof. This one pretended to be about a webmail account and was shared with us by a reader. The email says it is FROM “HelpDesk” but comes from a generic name “mailcenter-alert[.]com” rather than any service identified by brand name or domain associated with the account. The email was presented in a way to expose ALL links, including those pulling in graphics. One graphic was pulled in from Amazon’s AWS service rather than a legitimate business representing this email or embedded into the email itself. Most importantly, the link to “Verify Account” pointed to a shady domain mail-delivery-system[.]com. Virustotal has identified this as a phishing scam. However, we want readers to also understand that many scam emails sent by cybercriminals contain “tracking pixels” (also called “tracking gifs” and “web beacons.”) They can inform the sender about many things such as…..
- Did you open the email?
- When and how many times did you open the email?
- What is your approximate location when you opened the email?
The tracking pixel in this email is revealed at the very bottom of the email by the code ending with 8b82.gif. This 2021 article on Wired.com is very good and even describes how you can modify your email settings to turn off the ability for tracking pixels to work when you open an email.
There is a legitimate domain in the UK that our UK readers may recognize, called tvlicensing.co.uk. This next phish came from a free email account at optonline.net called “thomasrich.” HOWEVER, the text field also contained a malicious mimic domain called tvlicensingcenter[.]co[.]uk. It was registered about a month ago and has no content on it. But the real fraud is that the link to “renew my license” points to a phishing page on a hacked mental health service provider site called dramercado[.]com!
A week without an Amazon phishing scam is like a week with sunshine. That was not last week! Like Netflix lately, Amazon users world wide are targeted by phishing fraud. This carp tries to trick you into thinking that it is legit by entering a “support.prime.com” email address into the TO field for you to see. But your email was hidden in the BCC field, along with dozens of other victims. This email about your Prime membership renewal contained an attachment. That attached pdf had a shortened link in it using a service in Germany called qrco[.]de. Unshortened, that link redirected to ionos[.]com and that is certainly not amazon.com!
Do Not Buy Airline Tickets from this Website! — Recently, while looking for holiday airline tickets using Google to search for Jetblue, we noticed a “Sponsored” link for an oddly-named website called fareoutlook[.]com. It claims to have “affordable and discounted ticket prices.” The domain fareoutlook[.]com was registered in October, 2022 in Iceland using Namecheap, and these facts immediately tingled our spidey-senses. This site looks legitimate and offers airline deals, but based on our evaluation we think it is suspicious and do NOT recommend it for consumers to use!
We asked a number of websites to evaluate the risk or legitimacy of Fareoutlook[.]com and found that several tools we value rated it as “risky,” “dubious,” “suspicious,” and “without a reputation.” Here is a screenshot showing 3 such ratings from Scam-Detector.com, webparanoid.com and our partners at Scamadviser.com.
In addition to these services calling Fareoutlook[.]com suspicious, we also found lots of very poor reviews on the web by people claiming that they had purchased an airline ticket through this site and had received very poor services in a variety of ways. For example, several reviewers in Spain posted 1-star reviews on Trustpilot.com. This is the English translation from one of them on TrustPilot posted on Aug 23:
“TOTALLY SUSPICIOUS – COMPLETELY SUSPICIOUS PHONE FROM MADRID BUT A PERSON OF ARAB ORIGIN ANSWERS YOU (I DO NOT SEE A PROBLEM SINCE I SPEAK SPANISH), WHEN MAKING THE RESERVATION IN MY CASE IT RETURNED IN JANUARY AND IT AUTOMATICALLY JUMPS TO JUNE, SEVERAL CALLS UNTIL THEY ANSWER ME AND 30 MINUTES OF WAITING FOR THEM TO TELL YOU THAT THE RATE HAS INCREASED.”
“Fareoutlook, they deceive and do not comply – You buy the flight on a flight search engine like @jetcost, they give you a good price (in my case €349) and they tell you that they will confirm the flight in a few hours. Hours later, you receive an email telling you to call them, the offer is no longer available (although it is still published on Jetcost) and that it is now worth €955. That’s what I call cheating. Jetcost should also analyze which partners it works with”.
Fareoutlook[.]com as a 60% trust rating at Scamdoc as of November 18. To be fair, IPAddress.com calls Fareoutlook[.]com safe but we don’t think IPAddress is the best judge of online fraud! Finally, below is a screenshot of another very negative review posted 6 months ago from Canada on Trustedrevie.ws. Trustedrevie.ws gives Fareoutlook[.]com a rating of 19.8 out of 100! Our point couldn’t be more clear! Just because you see a “Sponsored link” in Google doesn’t mean it is safe, reliable or a good choice to click, and Google most certainly can’t keep you safe!
Email From a Friend and Want Google Map Reviews? — One of our readers reported receiving the email below from a friend of his named Nick. However, he immediately recognized that this email didn’t come from Nick’s email address, and in fact, came from a malicious gibberish email account. Nick’s account was likely compromised and his contact list was probably stolen. Very likely, all of his friends received a similar email message like this “just making sure you remember them – maybe I should have sent them to you a bit earlier – 2 pics here.” The link that followed pointed to a domain registered the day before and is 100% malicious!
We at The Daily Scam received a wonderful offer from a man identifying himself as Danyl Tost. However, as is almost ALWAYS the case with these types of emails, we felt that dear Danyl has no credibility! Danyl is offering to help us improve our reviews on Google Maps. (Like we care about Google Maps?!) If we’re interested, Danyl asked us to click a shortened link pointing to tinyurl.com. (Why not just send us the full real link?) Instead we unshortened that link and discovered something shocking! Wait for it…… We would be sent to a freelance service market called fiverr[.]com that has been misused many times by cybercriminals. From there, we’re informed, we would be redirected to lots of popup pages. Too many to follow and, no doubt, at least one of which would likely be malicious. No thanks, Danyl. Google Maps can wait.
FNBO Credit Alert, Another Pig Butchering Scam, and Whatever this is! — The Safety Officer at a US Company shared an unusual targeted attack that was directed at the company’s CEO. The CEO received a text you see below that included a reference to FNBO, the First National Bank of Omaha. What is so concerning about this scam is that FNBO is the bank used by this company, we are told. The text came from an unfamiliar number. The Safety Officer wondered if someone were impersonating their bank or could know what bank this company uses. We told the Safety Officer that we believed the text is a complete fraud. Here’s why…
- The domain in the link is nechrom[.]com. (It appears just before the first single forward slash.). The “fnbunion” is actually a folder name that follows the domain name and is NOT the domain in this link.
- nechrom[.]com is an unknown on Google searches, which is strange since this domain was registered in 2006!
- Virustotal shows 1 security service identifying that text link as malicious
Though we doubt the company’s bank account information is compromised, we suggested they notify their bank to raise their awareness. We also didn’t find it terribly surprising that scammers figured out their company’s bank IF it is one of the few local banks nearest their business. As for texting the CEO, locating someone’s personal cell phone is relatively easy in this day and age!
For about the sixth time in several months, I received another accidental random text that seemed innocent enough. Except that the sender was a beautiful young woman from Belarus named Isabella, who is living in the the US. Isabella wanted to engage in a conversation and become friends. However, this is just another pig butchering scam! I told Isabella to call me Fred and lied about my age and location. Enjoy the brief conversation, which ended abruptly when I told her what my profession is.
One of our readers received this random text sent to 20 people from a Hotmail email address she didn’t recognize. VirusTotal.com shows 3 security services have identified the link as malicious!
Until next week, surf safely!
Copyright © 2023 The Daily Scam and Scamadviser. All rights reserved. You are receiving this email because you
have subscribed to it via Scamadviser.com or thedailyscam.com
Keurenplein 41, UNIT A6311 | 1069CD Amsterdam, The Netherlands