[COMPLETED] 🔍5th Scam Spotting Challenge: Online Shopping Email Edition🔍

Firmy

The holiday shopping season is here, and so are online shopping scams. 🛍️ Our 5th Scam Spotting Challenge focuses on Online Shopping Scam Emails to help you spot fake order confirmations, false discounts, and other scams that target online shoppers.

Challenge Details:

📅 Ends: December 6th, 05:30 GMT
💬 How to Join: Check out the sample online shopping scam emails and comment below on how you recognized the scam. Describe what clues you saw in your own words for a real response.

Rewards:

🎖️ Badges for all participants
🏆 Top Spotter: The most detailed answer will win a special prize from F-Secure

Whether you’re experienced or new to spotting scams, this challenge is a great way to improve your skills and help keep our community safe.

Ready to join? Comment below with your answer and help fight online shopping scams!

Candi1

orders@E-bay, is not Ebay from who the email is from. I wouldn't have nor did I order a MacBook Pro, let alone off of Ebay for 2, 499.99. The confirmation number of straight consecutive numbers #12345 is very suspicious. If for some odd reason I did order a MacBook Pro off of Ebay, I would go check my confirmation email I got when purchasing, to check the confirmation number & information. But I know just by looking at this, it most likely wouldn't be #12345. It seems to know you didn't actually place the order(which Ebay would never send an email like this) & gives a link to click. I'd never click a link in an email I didn't know for sure who it came from. Again, I would go to my original order & use the information from that. I would flag this as a scam & be done with it.

Ukko

Well…

I will always be highly suspicious of any emails or notifications about any orders or purchases that I have not made.

Especially if they greet me like they do here ([Customer]), then it will even be easier to understand the attempted fraud. Much easier than assuming that this is some kind of mistake (they sent it to me by accident) or that they are somehow using my name or something else, although I don’t understand why (so, determining whether it's a scam or not will require more steps).

Then, e-baynotifications address also looks suspicious to me. I would have thought someone was trying to impersonate Ebay (given the content of the letter), but at the same time uses an almost obvious fraudulent email address / domain.

In addition to the fact that the letter itself is a little strange in terms of wording and template (most likely atypical for real Ebay), at the moment when it came to most likely the most important scam vector, we encounter a typo. It says "If you did not palce this order";

So, I indeed did not palce it and did not place it either. And they are trying to convince me to click to cancel and, moreover, to secure my account. It would already smell like full bogus to me.

If the mail looked a little more realistic or timed well, then I would do something like: I would manually check my Ebay account (which I don't have, however) in another browser, I would check my bank accounts (in case it implies that payment has already been made), and I definitely wouldn't go in or even open the letter.

Toweri

This is very obvious.

(Assuming the order number in this sample, "12345" is just a placeholder. No scammer would put 12345 as an order number…)
1. Sender domain "e-baynotifications.com" is not real eBay domain. They would strictly use the "ebay.com", "ebay.co.uk" or perhaps "ebay.de" domains.
2. The message does not state my full name, which is one of the ways legitimate actors help users distinguish valid messages from fakes. (Assuming the "Dear [Customer]" is to be taken as-is in this sample. Should it have my real full name, doesn't alone prove this is valid.)
3. The typo "palce" is of course a red flag too.
4. "click here" -link is obviously suspect. I would check, where the link actually points to. (This is very easy on Thunderbird, which reveals true link address.)

If I received such a message, I would carefully review the message headers, especially the full delivery path, to see where it has actually originated from. (Though the headers can also be faked, so this is not surefire way either.)

Firmy

Thank you to all who took part in this challenge.

The winner will receive a notification through a private message, and badges have already been added to your profiles.

Although this round has ended, keep an eye on our community page for the next challenge. We can't wait to see you again.