SCAM OF THE WEEK: Mystery Box Mayhem

If something seems too good to be true, it usually is, and this recent phishing scam is no exception. This week, cybercriminals are sending an email that appears to come from the online retailer Shein. The sender’s email address isn’t from a Shein domain, and the email does not contain any official logos or branding. However, the email claims that you have won a Shein Mystery Box and encourages you to click a link to claim your prize.

If you click the link, you’ll be taken to a website with a URL different from the official Shein website. You’ll be instructed to enter your personal information there so that you can receive the mystery box. Of course, this is a fake website that is controlled by cybercriminals. If you enter your information here, they will be able to steal it immediately.

Follow these tips to avoid falling victim to a phishing scam:

  • Check other sources to verify the legitimacy of an email. In this case, the email claims that Shein is giving away a mystery box. If this were a real giveaway, Shein’s official web page would contain more information.
  • Hover your mouse over the link in the email. This action will allow you to see the webpage URL where the link will direct you. In this case, the website URL is not connected to Shein.
  • Pay close attention to the sender and body of the email. This phishing email sender doesn’t appear to be related to Shein. The body of the email doesn’t contain logos or branding, meaning that it is unlikely to be an official email.

The KnowBe4 Security Team
KnowBe4.com

May 10, 2024