Another too-good-to-be-true coupon went viral on Facebook Thursday, this time offering $80 off a purchase at Wegmans.
Once clicked, it takes you to an inane three-question survey ("Have you ever shopped at Wegmans? Yes/No/Don't Remember). At the end, you're prompted to share the same link on Facebook with the message "Thanks #Wegmans", then go back to the survey and click the "like" button posted beneath it. Once you're done, you'll allegedly receive your coupon.
Of course, the coupon never comes.
But what's the scam?
Why would someone go to all that trouble just to get you to take a fake survey with irrelevant answers?
In this case, it's to ensnare your friends and lead you to a fake rewards website where more malicious web attacks await.
But it's just one of an ever increasing number of ways thieves have devised to infiltrate your computer or Facebook page where they can gain access to sensitive information and even your bank account.
Sometimes you'll receive what looks like a video on Facebook Instant Messenger, with a message from your friend that says, "Is this you?! I can't believe it!" Intrigued (or worried), you click. Automatically, the same "video" link and private message go out to each of your Facebook friends. When they click, the same happens, and on and on. Then, congratulations! You've all been infected.
Sometimes the schemes are slightly less nefarious, as is the case with "like farming." You've seen those posts that say something like, "Like and share this post if you hate cancer!" Well, who doesn't hate cancer? Or "For every share, this sick child will get $1 toward her medical treatment." Boy, gotta support that.
Except once the page or post has collected enough likes, the scammer will delete the original content. They will then either sell the page to someone who will replace it with their own content or replace it themselves with ads for scam products.
And that's just a small taste of what's waiting out there.
Here's how the Wegmans coupon scam works:
When you share the link on your page, it looks like you're vouching for its authenticity, which leads people who trust you to click on it and try it for themselves.
Next, when you click the "like" button, you aren't "liking" a Facebook page at all. The underlying code reroutes you to a professional-looking "Flash Rewards" website with the URL OnlinePromotionsUSA.com, which promises a $100 gift card "*upon completion of purchase requirements."
The Flash Rewards website (USArewardspot.com reroutes there, too) is classified as a "browser hijacker," which modifies your web browser without your permission. Browser hijackers usually force pop-ups and other advertising in order to drive traffic to a website and increase its advertising revenue.
But it can also contain spyware, which could monitor your keystrokes and steal passwords for things like banking and credit card websites.
But wait, there's more! If you want to sign up for Flash Rewards (and why wouldn't you? You sure liked that Wegmans coupon), you'll have to list personal information including your address, phone number and birthday. And to qualify for that gift card, you'll have to complete an endless array of steps: join this mailing list, subscribe to this service, fill out that 20-minute-long survey.
That opens the floodgates. From there, you'll be deluged with all kinds of spammy and scammy offers ("Work from home!" "Free watch – just pay shipping!"), sent by email, phone, text message. They may come from the original scammer, scammers who paid the original scammer for your information, or new scammers you gave information to when you engaged with new offers.
Isn't this fun?
Each of those new offers is another attempt to get access to your personal information and your money.
If you did click on the post – no shame, everyone wants a Wegmans coupon – you'll want to scan for malware and spyware with a program such as Spybot. Changing your Facebook password isn't a bad idea, either.
Wegmans was aware of the scam Thursday morning and working with Facebook to get it taken down, according to company spokesperson Michele Mehaffy.
If you see something iffy again, and you will, there are a couple of tell-tale signs to watch for.
With this case, for example, there's no mention of the promotion on Wegmans' official website or Facebook page (which has checkmark to verify its authenticity). The domain name associated with the link is clearly not wegmans.com; it's weg.com-mans.com. That means the website is actually Com-mans.com with the subdomain "Weg."
And the coupon is supposed to honor Wegmans' 100th birthday, which Wegmans fanatics know happened three years ago.