GroupMe iPad Giveaway, Costco, Walmart, and Tinder — Top Scams of the Week
Author: Trend Micro
We’ve detected tons of phishing scams this week, including ones relating to GroupMe iPad giveaway, Costco, Walmart, and Tinder. Would you have been able to spot all these scams?
What is phishing?
Impersonating trusted brands, and under a variety of pretenses, scammers will send you phishing links via social media, text message, or email — always with the goal of stealing your personally identifiable information (PII) (i.e. email address, Social Security number, credit card number, and more). They will prompt you to click on phishing links to complete various tasks or to take action (e.g. verify an account, update billing information, or check a delivery’s status). Or, more often, they will promise you free gifts and ask you to claim the reward via the attached phishing links.
These phishing links lead to scam/phishing sites designed to record any PII you submit. With your stolen information, scammers can commit identity theft or other crimes. Below are some examples.
GroupMe[.]fun iPad Giveaway Scam
We’ve reported on GroupMe giveaway scams in which scammers spread phishing links using GroupMe before — and this week there seems to have been another wave of them.
The phishing link will take you to a series of fake online survey pages that say you can get a gift after completing the survey.
Note: Take a close look at the web address — it’s not a genuine GroupMe website! (It should be groupme.com)
GroupMe[.]fun Scam
Sample fake GroupMe websites:
- Groupme[.]fun
- Groupme[.]love
If you proceed with the survey, you will be instructed to claim the free iPad by hitting the “Claim Now!” button:
GroupMe[.]fun iPad Giveaway Scam (1)
The button will take you to another site that requests your PII, including your home address and phone number, and in the end, it may even ask for your credit card credentials.
GroupMe[.]fun iPad Giveaway Scam (2)
Protect Yourself from Phishing Scams (Free Tool!)
The best way to prevent phishing scams is to never click on links or attachments from unknown sources, but a FREE tool to help you fight scams wouldn’t hurt either, would it? Trend Micro Check is a free browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links. Download today and surf the web with confidence!
The Trend Micro Check browser extension blocks dangerous sites in real time! (Available on Safari, Google Chrome, and Microsoft Edge.)
The Trend Micro Check app automatically detects and filters scams and spam 24/7. (Available for Android and iOS).
Check out this page for more information on Trend Micro Check.
Costco Survey Scam
Costco is always among the top-ranking impersonated companies in our weekly scam detection. This week we found a lot of fake Costco scam texts. Have you seen anything similar?
Costco: We’re conducting our monthly audit and would like some input from current shoppers. <URL>
Again, posing as Costco, scammers falsely claim that you can get a gift by finishing their online customer survey via the attached link. Not surprisingly, it will take you to a fake Costco survey page:
Costco Survey Scam (1)
You could end up exposing your PII and credit card details. Of course, scammers will collect all of these credentials and use them for their own good. Don’t let them!
Costco Survey Scam (2)
Walmart Survey Scam
Walmart is also another reoccurring brand that’s exploited in phishing scams. Scammers send you a random notification and try to lure you into clicking on the attached link to steal your PII:
Walmart Notify – The certificate ending in 3932 has to be spent by Today <URL>
Featuring $100 cash as a gift, the phishing page will guide you into inadvertently sharing your PII. Be careful!
Walmart Survey Scam (1)
Walmart Survey Scam (2)
Tinder Scam
“Someone matched with you on Tinder!” If you receive a similar email, don’t be quick to click the button. Check the sender — is it really from Tinder?
Tinder Scam (1)
We’ve seen similar Tinder phishing scams several times before. If you fall for one and click on the embedded button, it will lead you to an adult-themed phishing page where, as mentioned, you will be asked to submit your PII. Be careful!
Tinder Scam (2)
Tips to Stay Safe from Scams
- Double-check the sender’s mobile number/email address. Even if it seems legitimate, think twice before you take any action.
- Free gifts are a red flag.
- Only use official websites/applications. Never click on dubious links! (Use Trend Micro Check)
- Get alerted with Trend Micro ID Protection if any of your PII gets leaked.
- Finally, add an extra layer of protection to your devices with Trend Micro Maximum Security. Its Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection will help you combat scams and cyberattacks.
If you’ve found this article an interesting and/or helpful read, please SHARE it with friends and family to help keep the online community secure and protected. Also, please consider leaving a comment or LIKE below.
This article was published in collaboration with Trend Micro.
Image source: unsplash.com
Report a Scam!
Have you fallen for a hoax, bought a fake product? Report the site and warn others!
Scam Categories
Help & Info
Top Safety Picks
Your Go-To Tools for Online SafetyDisclaimer: Some of the links here are affiliate links. If you click them and make a purchase, we may earn a commission at no extra cost to you.
- ScamAdviser App - iOS : Your personal scam detector, on the go! Check website safety, report scams, and get instant alerts. Available on iOS
- ScamAdviser App - Android : Your personal scam detector, on the go! Check website safety, report scams, and get instant alerts. Available on Android.
- NordVPN : NordVPN keeps your connection private and secure whether you are at home, traveling, or streaming from another country. It protects your data, blocks unwanted ads and trackers, and helps you access your paid subscriptions anywhere. Try it Today!
- Incogni : Incogni automatically removes your personal data from data brokers that trade in personal information online, helping reduce scam and identity theft risks without the hassle of manual opt-outs. Reclaim your privacy now!
Popular Stories
In a nutshell: A good VPN protects your privacy with strong encryption, a strict no-logs policy, and fast protocols like WireGuard. The best VPNs also offer wide server coverage, leak protection, and easy-to-use apps for all devices. For 2025, the top providers are NordVPN, ExpressVPN, Surfshark, Proton VPN, Private Internet Access, CyberGhost, and Mullvad—each excelling in speed, security, or value. In an age where every click is tracked, a Virtual Private Network (VPN) is no longer just a luxury—it's an essential tool for digital privacy and security. A VPN works by creating a secure, encrypted tunnel between your device and the internet, masking your real IP address and protecting your sensitive data from prying eyes. But with hundreds of providers out there, how do you sort the secure from the suspect? This guide breaks down the non-negotiable features of a quality VPN and highlights the 7 top-rated services for 2025. What to Look for in a Good VPN: The 4 Non-Negotiable Pillars 1. Ironclad Security Features Strong Encryption: AES-256, the gold standard. Secure Protocols: OpenVPN, WireGuard, NordLynx, Lightway. Avoid PPTP. Kill Switch: Ensures no accidental IP leaks. Leak Protection: Covers DNS, IPv6, and WebRTC. 2. Verified Privacy Practices No-Logs Policy: No activity or metadata tracking. Independent Audits: Verification by third parties. Safe Jurisdiction: Prefer countries outside the 5/9/14 Eyes alliances. 3. High-Speed Performance Fast Protocols: WireGuard and equivalents. Large Server Network: Less crowding, more reliable speeds. 4. Essential Usability Features Multi-Device Apps: Windows, Mac, iOS, Android, routers. Simultaneous Connections: One account, many devices. Unblocking Power: Netflix, Hulu, BBC
How to Protect Yourself and Your Family After a Data Breach When Your Data Falls Into the Wrong Hands Just received that terrifying notification? Or perhaps you've noticed suspicious activity in your accounts? Take a deep breath. A data breach, the unauthorized access or exposure of sensitive, protected, or confidential data, is a deeply unsettling event. It can plunge you into a world of worry, bringing risks from financial losses and identity theft to significant emotional distress and reputational damage. The numbers don't lie: according to a 2024 report, the number of data breach victim notices has grown by a staggering 211% year-over-year. This isn't just a distant threat; it's a stark reality many individuals face. This year alone, we've seen major organizations like Adidas and Qantas grapple with high-profile data breaches, affecting countless customers. This underscores a critical truth: nobody is untouchable. Subsequently, strategic action is the only way to minimize the risk and protect your future. This guide is your emergency action plan, designed to walk you through every crucial step—from confirming the breach to fortifying your digital life for the long term. Part 1: Confirming the Breach and Understanding the Damage The very first step is to answer the question definitively: Was my data compromised, and if so, how badly? Start with the basics: Check Official NotificationsReputable companies are legally obligated to inform you if your data was part of a breach. Look for official emails, letters, or public announcements. Check Verified Breach DatabasesPlatforms like HaveIBeenPwned help you see if