Have you received a message on WhatsApp or Facebook with a link to techeq.in, expresswish.co, khurr.com, indviral.com, etc and a promise of a surprise? Before you rush to click on the link, it’s crucial to be aware that this is not your typical holiday greeting. This message is part of a deceptive scheme known as the “Send You a Surprise Message” scam, and it employs a chainletter method for distribution.
Scammers capitalize on the festive New Year/Christmas theme not only to spread their deceptive message but also to profit from advertising revenue. Furthermore, they aim to collect personal information from unsuspecting users.
In this article, we’ll shed light on the inner workings of this scam, empowering you to protect yourself during this holiday season and beyond. Your online safety is a valuable gift, and understanding this scam is the first step in safeguarding it.
Table of Contents
What is the “Send You Surprise Message” Scam
The “Send You Surprise Message” scam is a malicious attempt to deceive individuals by exploiting the holiday spirit. It typically spreads via WhatsApp messages, where recipients are enticed with a message like, “JohnDoe Send You a Surprise Message ππ Open this once*ππ techeq.in/en/?n=JohnDoe“.
π© Signs of the Scam
- Unsolicited Messages: If you receive a message from an unknown sender claiming to have a special Christmas surprise, be cautious.
- Suspicious URL: The link provided often directs you to a website like “techeq.in”, which can be a red flag.
- Lack of Legitimate Content: The website usually displays an animated Christmas-themed picture but lacks any substantial information or purpose.
- Personal Information Request: If the site prompts you to enter your name, exercise caution. Legitimate Christmas greetings rarely require personal information.
Is the WhatsApp ‘Surprise Message’ a Virus? π¦ β
No, the ‘Send You Surprise Message’ message is not a virus; it is a phishing scam designed to deceive and collect personal information from unsuspecting individuals. It operates by luring users to a deceptive website where personal data is solicited, and it relies on social engineering tactics rather than malicious software to achieve its objectives. Clicking on the link may pose security risks, but it does not involve the installation or spread of a traditional computer virus.
π‘ Safety Tip: If you’re hit with a dubious message, block the sender on WhatsApp. Open the chat, click on the sender’s name or number, scroll, and hit “Block”. Amplify your defense by marking the message as spam or reporting it. This equips WhatsApp to tackle malicious players. π«π²π
How the “Send You Surprise Message” Scam Works
The “Send You Surprise Message” scam employs a multi-faceted approach to exploit the holiday spirit and manipulate people into engaging with it. Here’s a more comprehensive breakdown of how this scam operates, along with insight into the scammer’s motivations:
Initial Message
The scam begins with a message, usually through WhatsApp, sent to unsuspecting recipients. This message appears to come from someone known or unknown and typically includes a message like, “Have you seen thisβ β οΈJohnDoeβ οΈ sent you a special surprise message π€© open this once ππ techeq.in/wow/?n=JohnDoe“. The primary goal of this message is to exploit people’s curiosity and holiday goodwill.
Deceptive Website
Clicking on the provided link takes you to a deceptive website, like “techeq.in”. This website is designed to appear festive with Christmas/New Year-themed animations. There is an interactive element where you’re encouraged to “Touch me”, which is meant to further engage users.
Data Collection
After engaging by clicking “Touch me”, you are redirected to another page within the website. Here, you may encounter more Christmas imagery and a request to enter your name. This is where the scammer collects personal information. The scammer’s objective here is twofold:
-
Phishing for Personal Data
By requesting your name, the scammer aims to gather personal information. This information can be exploited for identity theft or used for future phishing attacks.
-
Social Engineering
The scam creates a sense of emotional connection to the holiday season to manipulate individuals. The emotional aspect can cloud judgment, making individuals more likely to proceed with the scam.
Chain Letter Method
One of the key tactics employed by scammers in this scheme is the chain letter method. After entering your name, you may be redirected to a page that encourages you to “Share with friends”. This is where the scam spreads. By exploiting people’s desire to share holiday greetings, the scam leverages social networks to multiply its reach, potentially impacting even more individuals.
Advertisement Revenue
Additionally, the scam may generate revenue for the scammers through advertising blocks placed on these webpages. While users interact with the scam, they may be exposed to advertisements, and scammers can profit from ad impressions and clicks. This provides an additional incentive for the scammer to propagate the scheme.
π± What to Do If Scammed
If you find yourself ensnared by the “Send You Surprise Message” scam or any other online deception, swift action is paramount to mitigate potential damage. Follow these steps:
π‘ Stay Calm
Don’t panic. Take a deep breath and gather your thoughts. Scammers thrive on creating panic and urgency.
π Secure Your Accounts
If you shared login credentials or personal information, change your passwords immediately. Enable two-factor authentication wherever possible for added security.
π Verify Transactions
Review your financial accounts for any unauthorized transactions. If you detect fraudulent activity, contact your bank or credit card company promptly to report it.
π Report the Scam
Inform the platform where you received the scam message, such as WhatsApp or Facebook, and report the sender as spam or phishing. This helps protect others from falling victim.
π’ Warn Contacts
Notify your friends and family about the scam, especially if you inadvertently shared the deceptive message. Encourage them to remain vigilant.
π Contact Authorities
If you believe you’ve become a victim of a significant financial or identity theft, contact your local law enforcement agency and report the incident.
π€ Monitor Your Identity
Keep a close eye on your credit report and financial statements for any unusual activity. Consider identity theft protection services if available.
π« Block and Delete
Block the scammer and delete any further messages or emails from them. Avoid engaging further.
π§ Learn and Educate
Understand the tactics scammers use to deceive, so you can recognize potential threats in the future. Educate your friends and family about online safety.
π» Secure Your Device
Run a thorough antivirus and malware scan on your device to ensure it’s free from any malicious software that may have been downloaded.
Examples of such scams
While the Send You Surprise Message scam is a notable example, it’s part of a broader landscape of sophisticated scams. Numerous other scams employ similar tactics, exploiting recognizable names and employing urgent messages to deceive their targets. Let’s examine a few prominent ones:
Venmo Text Scam
Venmo users are the targets of this scam, where they receive a text message appearing to be from Venmo. The message typically warns of a problem with their account or a suspicious transaction.
It includes a link leading to a counterfeit Venmo page, which asks for personal and financial information under the guise of ‘verifying’ the user’s identity or ‘securing’ their account.
Netflix Account on Hold Scam
In this scam, Netflix users receive an email or text claiming their account is on hold due to a payment issue. The message directs them to a fraudulent Netflix site where they are prompted to update their payment details. This fake site is set up to capture credit card information and other personal data.
Netflix Membership Account on Hold Scam Text
Meta Business Suite Scam
This scam targets business owners and marketers who use Facebook’s Meta Business Suite. Scammers send emails or messages impersonating Meta, claiming there’s an issue with the user’s business account or advertising campaign. The messages often include a link to a fake Meta login page designed to steal login credentials.
Each of these scams exploits trust and urgency to solicit sensitive information, usually through fraudulent websites. Recognizing these tactics is crucial for safeguarding your personal and financial data against deceptive schemes.
Threat Summary
| Name | Send You Surprise Message Scam |
| Type | Phishing Scam |
| Scam sites | techeq.in, expresswish.co, khurr.com, indviral.com, msg4-u.com, foodaki.com, my-wishes.co, special-dost.com, my-india.co |
| Damage | Risk of personal information exposure, potential malware installation |
| Distribution | Spreads via WhatsApp and Facebook messages |
| Tactics | Deceptive Christmas-themed messages, luring users to click on links |
| Prevention Tips | Be cautious of unsolicited messages, avoid clicking on suspicious links, and never share personal information. |
| Reporting Info | Report the message or sender as spam or phishing on the messaging platform. |
How to Avoid Falling Victim to Similar Scams π‘οΈ
Scams like the Send You Surprise Message scam may come and go, but new ones pop up all the time. Here’s how you can stay safe:
1. Watch the Language π
Scams often have typos and weird phrases. Real companies use good spelling and grammar.
2. Check the Source π§
Don’t click links in the message. Go to the real company’s website yourself and ask them if the message is true.
3. Who Are They Talking To? π€
Real companies will call you by your name, not “Dear customer”. Watch out for vague names in the message.
4. Don’t Rush π°οΈ
Scammers want you to act fast without thinking. Take your time before you click any links or give info.
5. Check the Links π±οΈ
Hover over links to see where they really go. The real URL will show up at the bottom-left of your browser. Make sure it starts with “https://” and matches the company’s real website. For extra safety, use a URL checker tool online (urlscan.io) to make sure the link isn’t known for scams.
6. Keep Personal Info Safe π
Never give passwords, credit card numbers, or Social Security numbers in an email or text.
7. Use Security Tools π
Use antivirus software and turn on a firewall. These can spot scams and block bad websites.
8. Block Spam π«
Set your email to filter out scam messages so you don’t even see them.
Conclusion
The “Send You Surprise Message” scam preys on the festive season to trick individuals into clicking on malicious links. Stay vigilant, avoid interacting with suspicious messages and links, and report any such attempts to protect yourself and others from falling victim to scams like these. Remember, a genuine Christmas greeting doesn’t require you to share personal information with unknown sources.
