More threads by David Baxter PhD

David Baxter PhD

Late Founder
Experts warn of online coupon scams: E-mailed coupons could lead recipients into 'phishing' schemes
December 5, 2007
By Rachel Konrad, MSNBC

SAN FRANCISCO - Online shopping scams could become a major security threat in the weeks leading up to Christmas as consumers eagerly type in credit card numbers, click on discount coupons and participate in online promotions, security experts worry.

Instead of moneysaving deals, e-mailed coupons could lead recipients into "phishing" schemes where the consumer is redirected to a copycat site, whose real purpose is to siphon the user's credit card information, passwords and other financial data, IBM Corp. security executive Christopher Rouland warned.

"That 50-percent-off, one-use coupon could go to a compromised computer in Kazakhstan," said Rouland, chief technology officer for Internet security systems at Big Blue, which controls more than 1 million "phish trap" e-mail addresses that discovered 867,000 scams in the third quarter. "The quality of malware is very high."

IBM is urging online shoppers not to click on links within e-mails that appear to come from an online retailer. Instead, open a new Web browser, go to the retailer's site, navigate to special coupons or promotions and see if it's there.

Brian Trombley, a product manager for computer security firm McAfee Inc., said holiday phishing scams are shaping up to be an "extraordinary problem" this season.

No single giant retailer has been a particular target of holiday attacks; eBay Inc.'s PayPal unit is still an overwhelming target of scammers.

"The scammers are getting more and more sophisticated," Trombley said. "They're using better English, they're getting better at copying real sites and making their site look like the real thing."


The safest way to use online coupons, in my view is to search for coupons using the acknowledged coupon sites, where a coupon code is issued. A coupon code is a code which is entered at the checkout of a vendor's site resulting in a discount.

Some vendors such as Dell often allow the buyer to "stack" coupons which means several coupon codes can be entered for one purchase.

David Baxter PhD

Late Founder
Also, in most of these email scams, mousing over the link they want you to click (without clicking it) will usually reveal a different address in the status bar at the bottom of your email reader (e.g., Outlook Express).

Daniel E.
What a great post. It certainly shows how "scammers are getting more and more sophisticated."
Replying is not possible. This forum is only available as an archive.