Scammers are out to steal from you, and a recent push by criminals could see the theft keep going after you’ve been tricked by a mystery.
It wouldn’t be a week if we didn’t hear about some new way scammers and cybercriminals are pulling one over the general public, and lately, there’s more of that than ever.
With scams being a multi-billion dollar industry (and that’s just from what’s reported), criminals are clearly up to finding new tricks to keep people spending, and lately, there’s one that could see you spending without realising thanks to a box.
It’s not Homer trading everything for a “mystery box” nor is it a box from the film Se7en, but rather a subscription box filled with its own sense of mystery, and one that could be luring unsuspecting individuals into giving away debit and credit card details.
What is the mystery box scam?
Called the “mystery box scam”, it sees criminals assembling a virtual box of goods from a clearance sale or from services, and then selling these under the guise of being a mystery box that costs less.
The idea almost sounds like a “cleanskin” applied to goods, except it’s not quite as promising.
Instead of getting good wine at a cheap price from a known brand (which is what a cleanskin usually is), you may be getting nothing but deception, with your details being stored all while a scammer says you’re getting a great deal. It’s probably not a box released by the brand sold to you at a good price, and instead is just a box filled with nothing useful acting as a way to get your details.
What’s inside each advertised mystery box is just that — a mystery — but your financial details have been provided as part of the transaction, and you may have unwittingly signed up for a subscription model listed in the tiniest of fonts noting that your purchase now comes with recurring payments for a subscription.
In short, it’s a grift: you pay for something, and in turn get charged repeatedly without realising it.
Examples of the scam
Security company Bitdefender has recently picked up on more uses of the mystery box scam, so much that around 140 websites ran the model, often with a complicated system that can end up sending you real product, though with a debatable value.
Part of the allure comes from scammers using impersonated brands or product imitations, often with advertisements on social services that make them seem too good to pass up. At the same time, they’re also too good to be true, a trick some might be willing to try for given the seemingly low cost they begin with.
One example included an “Apple mystery box” for two dollars, while another noted a budget mystery box from clothing brand Zara. The low cost seems like an easy win, even if you end up with nothing, but the problem is handing your details over to a criminal, and being taken for a ride.
“There will always be people willing to click on ‘unbelievable’ deals, especially when they come from what appears to be a trustworthy source like Facebook,” said Silviu Stahie, Security Analyst at Bitdefender.
“The global scam network we uncovered takes things even further. It involves hundreds of websites using complex subscriptions and point systems, all designed to confuse victims and convince them they’re missing out on a once-in-a-lifetime opportunity,” he said.
“While security solutions have become essential for safe online navigation, one simple rule still applies: if it sounds too good to be true, it probably is.”
