1. News
  2. /
  3. Business

So how come everyone wants my opinion? Maybe because it’s a phishing scam

Emails from a home improvement store, bank and pharmacy say they want to pay me to hear how they’re doing. But the sender likely has eyes on a bigger prize.
Emails saying they'll pay you big bucks to opine about a store or bank are filling up inboxes.
Emails saying they'll pay you big bucks to opine about a store or bank are filling up inboxes. [ MARTHA ASENCIO RHINE | Times ]
Published May 26
Updated May 26

I have felt immensely popular lately. Really valued. Just look at my emails.

It appears Home Depot wants to offer me a reward — minimum value $90! — just to give my “valuable consumer data” for their 2021 Research Survey. I can get a $50 Wells Fargo voucher for completing “a quick survey about Wells Fargo.”

Lately it seems there’s no end to retailers filling my inbox, dying to know what I think and willing to reward me for it.

Except, it turns out, they aren’t.

Despite that trusty Home Depot orange and familiar Wells Fargo font — accompanied by a photo of a happy couple who appear to have just successfully negotiated a bank loan — both companies confirmed that nope, it wasn’t them.

“These types of emails, text messages and phone calls are indeed scams,” said Wells Fargo spokesperson Amy Amirault via email.

Sure, there’s legitimate market research being done out there. Or, senders can be third-party marketers with nothing to do with the actual company, which they sometimes reveal in print so tiny only mice can read it. But often there’s someone with seriously nefarious intentions out there — “the bad guys,” as some fraud experts call them.

And if you explore those ads? “You’re immediately telling the bad guys you participate in things like this,” said identity theft expert Carrie Kerskie, author of Your Public Identity: Because Nothing is Private Anymore. “Now they know how to target you.”

“If you were to get an email that is pure spam marketing and you interact with it, you would earn yourself an illustrious position on the suckers list,” said Richard Lawson, former director of the Consumer Protection Division of the Florida Attorney General’s Office, now at the Gardner Brewer Martinez-Monfort law firm in Tampa. “All the bad guys in the world will share this.”

Phishing and smishing — pretending to be reputable companies to con people out of personal information via email and text — became Olympic sports in the pandemic. Identity theft cases more than doubled in 2020, according to the Federal Trade Commission. We may get savvier, but scammers never sleep.

“I’m seeing new things almost on a daily basis,” Kerskie said.

Consumers reported to the Better Business Bureau’s Scam Tracker that they completed surveys for the promise of gift cards or prizes (including dashboard cameras and fancy ear buds), gave their credit card information for a nominal shipping fee and found themselves charged repeatedly with large, unauthorized sums.

Scammers are also after bits of personal information as innocuous-seeming as your phone number and as dangerous as your passwords to build creative ways to steal from you.

Creative? Say you get a message from Facebook or Amazon saying the company detected a problem with your account and needs you to sign in so they can fix it. But the log-in site is actually a well-duplicated fake. Once you sign in, “the bad guy harvested your credentials,” Kerskie said.

And it doesn’t even matter that I don’t bank at Wells Fargo or frequent Home Depot. Odds are someone else getting those same come-ons does.

“They will send hundreds of thousands of these emails a day,” Kerskie said. “It’s a numbers game.”

Expert advice: Never click on links or attachments in an email you don’t know. Go to the homepage of the company to see if they really have an offer going. Google the company name and “scam.”

“You can use the internet for good to help defend yourself,” Kerskie said.

Though some scams are pretty sophisticated, be especially wary of come-ons with bad grammar or spelling. Check the sender and URL. If it doesn’t include the company name or has it before the “@” symbol, be leery. Odd spaces and random periods are also red flags. So are letters that look slightly off, like a lower case “a” that doesn’t have that top loop. It’s believed scammers use similar-looking symbols to make their web addresses look authentic.

My most recent request says it’s from CVS pharmacy and promises a “FANTASTIC PRIZE” for my thoughts. My only thought is: Delete.