Don’t lose your identity to Costco Green lookalike email

By Robb Hicken/ BBB’s chief storyteller

Give Costco your opinions in exchange for Costco cash”  from looks to be a scam to get your information.

Filled with promises of “Cash” when the survey is completed, the address is simply a .com address, with no security provisions.When BBB attempted to open the link, it exposed a “bot” with malware.

These lookalike phishing emails typically spoof a well-known retailer, financial institution/bank or businesses. They typically contain hyperlinks that lead to online forms requesting personal information or download malicious software that can steal login information or passwords.

COSTCO states: “If you received an email concerning Costco Cash or Costco-Green  immediately delete the email and do not reply. This is a phishing scam and was not sent by Costco. Costco is not affiliated with the e-mail in any way.”

Cybercrime involves coaxing consumers to show personal information, such as their Social Security number, date of birth, address and telephone numbers.

The BBB offers the following advice to stay ahead of cybercriminals:

  • Make sure things check out – Research unfamiliar retailer and charity websites at before entering a credit card number. Confirm your online purchase is secure by looking at your browser for the “s” in https:// and in the lower-right corner for the “lock” symbol before paying.
  • Be wary of unsolicited emails – Government agencies, credit card companies and banks will never ask for personal information such as a Social Security or Medicare number through email (or over the phone). In addition, when you receive a link to a “special deal” or coupon through a social network site, type in the Internet address yourself. A link’s true destination may be hidden, taking you to a lookalike  -website or download malware onto your computer.
  • Always use secure payment methods – Never send money by wire transfer to someone you don’t know. Use a credit card, online payment system or escrow service to pay for auction or classified ad items.
  • Beware of overpayment scams – Cybercriminals use scams that involve sending legitimate-looking checks for more than the purchase price and asking that the monetary difference be returned to them by wire transfer. Though the check may initially be accepted for deposit at a bank, it may take several days to bounce, resulting in the loss of any money wired away as well as overdraft penalties.
  • Be selfish with personal information – Social media sites encourage the sharing of information. However, avoid sharing your birth date, address and other information that may be used to help put together a profile that can be used to steal your identity. Check the privacy settings for your profile and considering hiding your profile unless you approve a friendship/contact request.
  • Practice safe computing – Don’t use short passwords, or the same password for multiple sites. Passwords should contain a variety of upper and lower case letters and digits or characters. Ensure your computer  software and operating system are current with the latest security updates and run malware scans on a weekly basis.

There is no telling what new online threats might lurk around the corner, however, common sense and caution go a long way towards protecting yourself from online crime.


Leave a comment

Filed under Investigation

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s