Your Last Receipt Scam: How It Works
According to a recent Statista report, over 2 billion people purchased goods or services online during the pandemic. In 2020, e-retail sales surpassed 4.2 trillion dollars worldwide. Trillion. Crazy numbers, right? Whether it is Amazon, eBay, Walmart, Costco, Whole Foods, or Best Buy, the chances are that you, too, buy things online regularly.
The danger of all this convenient shopping is that people put down their credit card number without diligence. However, one of the most prevalent scams NOW is called Your Last Receipt. It is an upgraded version of a scheme that a few years ago was perpetrated after consumers were purchasing goods in-store.
These days, with the advancement of technology, The Last Receipt Scam is easier to pull and harder to avoid, especially during the COVID-19 pandemic. Let’s dive in and show you how it works and how to avoid one of the most prevalent email scams.
Targets: Marketplaces, Grocery Stores, Restaurants, and eCommerce Sites
What was the last thing you bought online? Or maybe you have ordered a meal? The scam could be pulled by criminals also using restaurant names, as the food delivery industry has skyrocketed during the pandemic. In a nutshell, every platform that takes payments by credit card (and has you as a client) is the target of this trick.
For the sake of exposing the scam, let’s say the victim purchased an item from Amazon or Walmart. The scam works like this. The victim receives an email having the sender’s name as the store – Amazon, in this case. You have probably received many other fake Amazon emails before, but this one has a twist. It is different than – for example – the typical “Your Receipt From Apple” scam.
Look at the screenshot above.
The content reads: “Hope you enjoyed your last shopping experience with our store. Please find your last receipt, attached, and verify the additional fees that are on the invoice. Thank you for shopping with us“.
Fraudulent QR Code or Zip. File
The consumers are aware that they have shopped at that store, so the email doesn’t seem unexpected. However, intrigued by the ‘additional fees’ reference, many of them hurry to open the ‘receipt,’ ignoring seeing the file type. The attachment is a zip. file, that contains a virus, keystroke logger, or malware.
Alternatively, the option given is a fraudulent QR code that leads the consumer to a suspicious website that could make you a victim in no time. QR codes are very popular nowadays since the pandemic started, so scammers take that to their advantage.
A keylogger is malicious software that records all your keystrokes as you type them on your device. Therefore, when you open your bank account or any other platforms that contain your personal information, the keystrokes are stored on the scammer’s tape.
By the way, you can check the integrity of every website using the Scam Detector’s website validator here.
Emailed Receipts Scam: How To Avoid
Never open attachments from unknown senders. If you purchase anything online, whether on Amazon, eBay or Etsy, the invoice email eventually shows the total amount in the content of the message – not just in an attachment. Even if it says the name of the brand that you’re familiar with, carefully inspect the browser to spot any mistakes in the spelling of the website.
Look at the domain name of the sender’s email. Is it the store’s name dot com, or does it have extra letters and numbers, like bestbuy52a5.com? Also, be careful about the letters ‘o’ and ‘i’ in every domain name, as their capital letters could be easily confused with 0 and I.
Entirely ignore the zip. files that arrive into your inbox, regardless of where they’re coming from. Unless you are expecting one, don’t open it. Delete and feel good about it. Legitimate receipts never come as zip. files.
Watch the video below to see the Last Receipt Scam exposed:
How To Report The Fake Bill Scam
Make your family and friends aware of the Last Receipt Scam by sharing it on social media. You can also officially report the scammers and other suspicious activity to the Federal Trade Commission (FTC) using the link below:
How To Protect Yourself More
If you want to be the first to find out the most notorious scams on a weekly basis, consider subscribing to the Scam Detector newsletter here. You’ll receive periodical emails and we promise not to spam. Last but not least, feel free to use the comments section below to expose other scammers.
Verify a website below
Are you just about to make a purchase online? See if the website is legit with our validator: