Skip to content
Trends

Groupon Phishing Scam To Get Your Email Address

By Desmond Liao | 3 minute read

Deal-of-the-day websites have exploded on the scene this year. In March 2010, CEO Andrew Mason estimated 100-150 Groupon clones around the world, with “varying degrees of shamelessness.” The latest estimates are in the 500 range according to Chairman and COO, Rob Solomon.

Let’s face it, the model is easy to copy. Anyone with a little courage could put up a site, build a merchant pipeline and funnel traffic in via social media.

That’s the beauty of them – people want to share a good deal with their friends. With the influx of feeds we have to prune back every day, it isn’t hard to imagine a scam artist cashing in on this trend. And then I received this:

Groupon phishing scam

The site claims $10 for $40 worth of merchandise at the Gap from an unknown daily deal site. This seems too good to be true for two reasons. First, the heavy discount is a deep cut to Gap’s margins – particularly after Groupon takes it’s half of the cut. Second, it wasn’t long ago that the Gap sold $11 million or 400,000 Groupons in one day. But Groupon’s promotion was only $25 for $50 worth of merchandise. 75% off is better than 50% off. I clicked the link.

The first thing you’ll notice is how the phishing clone ripped off Groupon’s layout and graphics, but not their CSS formatting.

A few clues raised some red flags:

  1. The domain name is for an unknown company.
  2. The landing page looks unfinished – there’s elements colliding, formatting errors, the Gap logo is truncated, and the content doesn’t sound like it was written by a copywriter.
  3. Broken links.
  4. Would Gap need another promo two months after having the biggest day in Groupon’s history?

Suppose you wanted to buy this deal. The action button takes you into a loop that collects your email address and then takes you back to the landing page. Why in the world would a daily deal site want my email address and not my money?

A word of warning to the many group-buying enthusiasts, don’t give personal information to just any glossy website. They might appear to be legitimate services with official logos, but if hovering over a link reveals a cryptic Web address without HTTPS, take a pass. There are plenty of legitimate social commerce sites you can directly navigate to.

The real deal or scam? You tell us.

UPDATE: A WHOIS lookup revealed the following details about the registrant:

Registrant:
Indulge Daily
266 Robson
Vancouver, British Columbia v5n2k2
Canada

Domain Name: INDULGEDAILY.COM
Created on: 21-Sep-10
Expires on: 21-Sep-11
Last Updated on: 21-Sep-10

Administrative Contact:
Smith, Lancesing  
Indulge Daily
266 Robson
Vancouver, British Columbia v5n2k2
Canada
(778) 859-8487      Fax —

Technical Contact:
Smith, Lancesing  
266 Robson
Vancouver, British Columbia v5n2k2
Canada
(778) 859-8487      Fax —

Domain servers in listed order:
NS1.ONNETSECURE.NET
NS2.ONNETSECURE.NET

Further, the Google Street View points in between commercial units to an address that doesn’t exist.

Cut your support tickets and make customers happier