Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the week: Warning over Morrisons £50 Free Voucher Scam

Warning over Morrisons £50 free voucher scam

Morrisons shoppers are being warned to avoid a fake voucher scam that is currently circulating on Facebook.

The post claims stores are celebrating their ‘anniversary’ and that anyone who shares the link will receive a £50 voucher.

The scam appears entirely legitimate and an image of the voucher is included within the post to entice the user to click on the link. It also claims the offer is for ‘Today Only’, another tactic to spur the recipient into taking immediate action.

Scam of the week: Warning over Morrisons £50 Free Voucher Scam

If the user clicks on the post, they will be taken to a fake website where they are asked to complete a short survey about their shopping experiences at Morrisons. The site will then pretend to verify their entry before confirming they have won a voucher.

Regardless of what information has been supplied, the victim will be told they have won the voucher, but in order to claim it, they will need to share the post on Facebook and type ‘thanks’ in the comments field. This will help spread the scam, exposing friends and family to the same bogus post.

Even after submitting all this information, the user is instructed to click on a ‘claim voucher’ link to receive their voucher. This is just another way to harvest their personal details and the likely scenario is that they will be bombarded with yet more unsolicited emails, phone calls and text messages.

Scam of the week: Warning over Morrisons £50 Free Voucher Scam

After sharing, liking and submitting all their contact information, the victim will quickly realise there is no voucher and they’ve been scammed.

Morrisons has confirmed the post is fraudulent and has nothing to do with the company: “We are aware of a number of spam emails, text messages and social media posts from third-parties posing as Morrisons for the purpose of fraudulent activity. If you receive one of these suspicious messages, please do not click any links, open attachments or enter personal information.

“We would never ask for your personal details in order to redeem a voucher. If you believe you have been contacted please contact us on ‘0345 611 6111’ or call Action Fraud on ‘0300 123 2040’.”

How to avoid being scammed on Facebook

  • Never click on links requesting personal information –These links will nearly always be created to steal sensitive information or deliver malware. If you’re unsure if the request is legitimate or not, go directly to the company’s official website to see if they are running any official promotions.
  • Look for the blue tick – If you’re on the Facebook page of a legitimate business, it should have a blue tick which means it’s a verified account.
  • Never accept friend requests from someone you’re not familiar with – If you accept a friend request from a fraudster, they could spam your timeline, tag you in posts and send you malicious messages.
  • Google the company – Search for the company’s Facebook page on Google. The top listing should be the correct one – check it’s the same as the page the original post was issued from and if there’s any mention of a competition. If not, it’s likely the page is fraudulent.
  • Install anti-virus software – The installation of anti-virus software will help detect threats on your device and block unauthorised users from gaining access.
  • Use enhanced privacy settings – Regularly check and adjust your privacy settings to restrict what people can and can’t see on your profile.
  • Receive phishing updates from Facebook’s security page – The Facebook security page will keep you up to date with any news or updates regarding recent phishing attacks. All you have to do is like the page and you will receive regular updates in your news feed.
  • Check for terms and conditions – All competitions in the UK must have terms & conditions, and these must be easily accessible to all prospective entrants. If there are no T&C’s, suspicions should be raised.

Despite the increasing sophistication of phishing attacks, there are a number of ways you can protect yourself online. MetaPhish has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combating cybercrime. Get in touch for further information on how we can help your business.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations