FRAUD ALERT: Mystery Shopper Scams Getting Aggressive
Mystery shopper scams are nothing new, but I now have the experience of being personally targeted by one. From my research, most of these scams are carried out in a “pull method,” whereby ads are placed in classified sections asking for applicants for a part time job. I was targeted by someone using the “push method,” whereby a live (fraudulent) check was mailed to me in a haphazardly stuffed envelope with an official looking letter and survey form. Redacted versions of those documents are linked above.
One of the first lessons I learned in high school economics was TINSTAAFL. And while I’m pretty far removed from high school at this point, that one came roaring back when I was mailed a check for almost $2,000 without any warning or advanced knowledge. This type of scam is pretty common and takes many different forms, but let’s analyze some of the things that illustrate what is going on. The quality of the scan is somewhat low to keep file sizes down, so the actual copy does not look like a fax and has more gray-scale in it. Some of these things are highlighted in the documents, some are not.
- The first thing I noticed was the postage (actually @FancyPantsMama noticed it). Not from this country. OK, maybe someone has a job stuffing envelopes, let’s see what else.
- The letter was folded poorly and the text was of poor quality. No full color letterhead, just a gray-scale, forgettable letter with poorly reproduced logos at the bottom.
- The logos at the bottom of prominent, household name companies like IBM, Gap, McDonalds, Best Buy, Walmart, Starbucks, Sony, and Office Depot were poorly reproduced. Many of them were obviously pulled from websites due to the dark backgrounds or borders, and the dimensions are wrong. Do you think the branding people behind these powerful brands would sponsor someone who can’t reproduce their logo correctly? Oh, and the best example of this is the logo for Costco.com (not Costco the store).
- Next was the rather large sum of the check. The letter said I was getting a $350 salary, why was the check so high? This smelled like an eBay buyer offering to send me a cashiers check for 3x the amount of the item to have me wire it back.
- My first survey assignment was to do a funds transfer at Western Union, a method used for money laundering or to defraud individuals, but not for $10 or $20 which should be sufficient as a mystery shopper. I was asked to transfer nearly $1,500 plus fees! One of two outcomes happen here… I’m out the money when the check finally bounces or I’m a money mule in a larger money laundering scam (although this seems less likely afterreading this).
- Next was to shop at one of the companies listed, two of which don’t have their logos represented below (albeit Sears is listed and they do own K-Mart).
- A request to call in to “activate the check” for payroll. The check as it stands would have been processed by my bank regardless, but I suspect if I would have called, they would have asked for standard payroll information (like a social security number) to steal my identity.
- The terms “Secret Shopper” and “Mystery Shopper” are used interchangeably and in quotes or parenthesis signifying that you might not be doing those things.
- There are a few typos and grammatical mistakes made in the letter, which strikes me as odd (even though our ability to communicate as a society in written form is degrading at an alarming rate).
- The signature at the bottom doesn’t match the redacted name below.
- The address and logo on the check does not match what is on the letter.
- The “Administrative Office” address is actually an apartment building in Midtown Manhattan.
- Their international head office is associated with fraud already.
- The phone numbers are tied to a Canadian interchange (which actually matches the postage).
- Most importantly, Google has never heard of this marketing company, which seems odd if they have the customers they claim to at the bottom of the letter.
- And speaking of that, is there anything more generic than terms like “Midland Marketing Research” and “Consumer Survey Specialists”?
Unfortunately for these scammers, I didn’t fall victim and neither should you. The Internet gives you too many resources to research companies so don’t let the promise of free money fool you. Remember, TINSTAAFL!
Branden Williams is a senior Information Risk/Security professional with over 15 years of experience in technology and information security. Currently, he is the global CTO of Marketing at RSA, The Security Division of EMC. Mr. Williams is a current CISSP, and CISM.