Staying Fit
Trying to pinch pennies with coupons? Watch out for scammers using new coupon cons to pinch you.
For years, scammers have used the lure of online coupons as bait to infect your computer with "malware." Click on links offered in emails and online message forums and instead of getting manufacturer-offered money savings, you could be downloading stealth programs that give hackers your files, passwords and online bank account numbers.
AARP Membership— $12 for your first year when you sign up for Automatic Renewal
Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.
Well, that tried-and-true ruse is still in use, but scammers have added new ammo to their arsenal. The latest scams include:
Daily Deal Dupes
In recent months, crooks have been impersonating Groupon, the popular online group coupon service, reports online security watchdog Kaspersky Lab. Over the summer, the lab discovered an email that had links supposedly sending you to the Groupon website. But, in fact, an attached zip file named Gift coupon.exe contained a dangerous malware program. Since September, emails from scammers purporting to be from Groupon have contained no attachments — only links to direct you to a scammer-run website.
Your defense against either ploy: Know that legitimate coupon services never include attachments in their emails, says Kaspersky — especially zip files. Don't click on them. And if there's no attachment, but there are links, make sure that before clicking on any link, you hover your mouse over it to see what file name or Internet address appears on your screen. It should show a known address, such as groupon.com, or a manufacturer's or coupon trader's website, such as couponsherpa.com, coupons.com, coolsavings.com or couponmom.com. If legitimate addresses don't appear, suspect malware.
Social Media Stings
Scammers create fake accounts that look like those of trusted brands, offering authentic-looking but bogus coupons. Often, the intention is "clickjacking" — in which a malicious link or program is digitally hidden behind the "like" button. Click on "like" and instead of the promised coupon, you activate a malicious program or get redirected to a website seeking your personal information under the guise of coupon delivery.
Always beware of online coupon offers that say you have to disclose sensitive data such as credit card details for redemption. "Scammers know that by offering an irresistible online coupon, they can get people to hand over some of their personal information," notes security software company McAfee.
Your defense: If you see coupons for a brand-name company touted on social media websites, they're likely to be available on the company's own website. So reduce your risk by redeeming there, not on the social media site. Provide nothing more than an email address (ideally, open a separate account to receive coupons) to get emailed offers. Give only your home address to get mailed coupons.
More From AARP
How Cybercriminals Stole $1.8 Billion from Unsuspecting Older Americans in 2020
FBI blames last year's scam surge on technology dependence during pandemic