In the past, we’ve discussed many of the scams that are spread through popular applications such as WhatsApp. Though they’re a widespread problem, we often rely on word of mouth or reports from customers, before we can relay them to you, our readers. This is purely because we don't always see them ourselves. 

However, today, a member of WiseGuys was faced with a new WhatsApp scam. Forwarded to my wife, who then passed it on to myself, I had to act fast in ensuring that I warned her not to hand over any personal information. Fortunately, it was only through familiarity with all the previous scams we’ve discussed on this blog that I could recognise the red flags. And so, in a change of pace to our usual articles, I'd like to share this new scam with all of you on a personal level, and share the warning signs you should be on guard for. 

Overview

For most families, the summer holidays have begun. If you have children, then you’re probably already scouting the internet for cheap family days out, as hundreds of companies and holiday providers take advantage and push prices up. This was certainly the case for my wife and I, who have a young neice. 

I received the following message, below, from my wife via WhatsApp. On face value, after seeing hundreds of WhatsApp messages and links in the past, and in the middle of a busy working day, there was nothing particularly strange about it. 

I instinctively clicked on the link included within the message to see what the fuss was about, and potentially how I could get my hands on some free theme park tickets for my neice. At this point, I was directed out of WhatsApp and into my mobile web browser, with the following page depicted:

The page then asks several incredibly basic questions of you, that can't have any real value for Paulton's Park themselves. These included "Have you ever been to Paulton's Park?" and "Do you enjoy rides?". Admittedly, I clicked quickly through these inane questions, and was prompty told that I was 100% Qualified to receive these mythical tickets. 

There were already numerous red flags that I had glazed over after a busy week in the office, which were more visible on revisiting the message and the page themselves. Finally, I scrolled further down the page to what appeared to be a Facebook live feed of people who had supposedly claimed the offer already. This may have been a fake feed entirely, or it could be real peoples' Facebook accounts that have been hijacked in some way by the scam. Given that it's nothing more than a website and not malicious software, it's likely that they were fake users designed to give authenticity to the website. 

So, what were the red flags? Did you spot them all?

Warning signs

Only on very rare occasions do scammers manage to pull off a perfect user interface that is free from any grammatical errors or other visual cues that would otherwise raise alarm bells. In this case, there were many red flags that I should've immediately spotted: 

  • The website URL begins http. The genuine Paulton's Park website starts with https, like any secure website should. Http is not considered to be a secure protocol and carries numerous risks, especially for websites that request personal, private data from you.
  • The website URL is paultonspark.com-deals.win. The ".com" segment of the URL that you would normally expect to be the end of the URL is actually part of the main website name. It has been cleverly disguised within a .win domain. This domain appears to be owned by companies based in Gibraltar that dabble in online gaming and gambling.
  • The "Remaining tickets" counter on the website appears to drop rapidly whilst you're on the page, bringing a sense of urgency to rush through and provide your details. In fact, when I visited the page 5 hours later, the counter had refreshed to 4-500 again.
  • "July" is spelled "Juli" and the general grammar in the WhatsApp message is strange.
  • The logo image quality is awful and generally indicative of it being downloaded poorly from Google.

Need any further advice?

If you're worried about WhatsApp scams and the risks associated with them, then you can always give WiseGuys a call for further advice. You can reach us on 0808 123 2820. As you can see from the above, it's easy for even the most seasoned experts to caught out in the moment by a scam that isn't even particularly well implemented.