According to KnowBe4, mystery shopper scams have become increasingly common within the past week. With this scam, cybercriminals target potential mystery shoppers, or “people hired to shop at a particular store and report on the shopping experience for purposes of quality control.” Unlike most email scams, this hoax seems very realistic, as numerous mystery shopper companies actually exist—but they do NOT recruit through email!
Once a mystery shopper falls for the scam, the cybercriminal sends a fake check to cash in the victim’s bank account. The money is supposedly for the shopper’s store purchases and payment for participation as a mystery shopper. The victim is then instructed to send any unused funds back to the fake mystery shopper company via wire transfer. Of course, the check sent to the victim is forged, but the money sent back to the cybercriminal is real.
The fake mystery shopper email looks something like this:
Don’t become a victim of these hack attacks. Sign up for our security awareness training for your entire staff to prevent your employees from becoming victims of these kinds of scams.