Ahhh, the things I do for you, my lovely readers.
This Sunday, as I perused Pinterest, drank my beloved weekend-only coffee and snuggled with my doggies, I saw the same item pop up on dozens of friends’ Facebook feeds.
It promised two free Southwest Airlines tickets, just for sharing how much you love Southwest!
In a “too good to be true moment,” I decided to prove my spidey senses right. And I did. Thankfully, I made the wise decision to use a little-known Gmail trick to prevent some of the spam that would ensue from hitting my inbox.
[Sadly, though, I provided my real phone number, and as you'll find out, that was a major mistake.]
First to the scam. Once I opened the link (from Very Cool Brands on Facebook), I was asked to take a a survey.
Here’s the crucial point. Instead of using my real email — email@example.com — I used firstname.lastname@example.org.
Gmail has a hidden feature that allows you to add a period anywhere in your user name, and you’ll STILL get the mail to your main inbox. So, I could have used kw.idrick, kwi.drick, etc.
I use this trick when I’m signing up for newsletters or other offers, so if I start getting a lot of spam, I can track which company likely sold or gave away my information.
OK, back to the scam. I started filling out the 17-question survey, figuring that maybe Southwest just wanted some basic information about its Facebook fans.
But as I wrapped it up, I was taken to a new page — that’s when I realized that it was not Southwest offering the coupons, it was some third party who had co-opted the name and logo. I’d show you the original post on Facebook, but it looks like I’m not the only one that noticed this was spam.
After the survey, the new page laid out the rules and regulations for completing the ticket giveaway, and that’s when I knew for sure that this was not legit. The rules would have required me to opt in to two “free” trials for services including a Target buyers club, a Netflix account and a magazine subscription. Each trial actually required at least some credit card information to be shared.
At that point, I closed the window and figured I’d escaped any harm. But then emails started to come into gmail:
DOZENS of them. All from different names, and all to email@example.com. So I knew that the bogus survey company had given my information to hundreds of other more malicious websites.
At that point I:
- set up a filter for all incoming messages to firstname.lastname@example.org so that they’d skip my inbox, be marked as read and deleted.
- started reporting each message as phishing
- decided to see what options I had for getting rid of the unwanted messages
The email was bad but what really pissed me off? The three phone calls I received from people wanting to offer my various unsolicited crap. Even though I’d not expressed any interest in being contacted by people through the survey, the callers told me I’d opted in to receiving information on continuing education, a diaper club (seriously?) and some kind of insurance quote.
I went down the rabbit hole and eventually, found my way to the main website that had offered the giveaway. I read the fine print that showed that I was, in fact, required to complete the survey and trials (or “Reward Offers”) if I wanted to get the prize.
I also read that apparently this company could take all of my info, including my IP address, date of birth and more, and use it however they wanted.
My favorite line? “There is no such thing as complete security on the Internet or otherwise.” You’re telling me.
But at this point, I still thought I could get my information back. Until I hit the “Contact Us” button and got this (not-so) surprise.
Eventually, after about 30 minutes of digging, I did find some alternative opt-out tools, and I think [hope] that this will cut down, if not end, the spam attacks. I’ve asked each caller to remove me from their list or face an FCC complaint, and I’ve learned a hard lesson.
Even though every fiber of my being knew that this was too good to be true, I just had to check it out. So I hope that you learn from my experience and just say no.