Who has not ordered takeout from a favorite restaurant in the past year and a half?
It’s a booming trend that’s unlikely to go away, and so, of course, the bad guys are out in force trying to take advantage and con people.
These takeout scams play off food delivery apps like DoorDash or GrubHub, or even merchants’ own websites that they have set up to avoid fees connected with the apps, the Better Business Bureau says.
These scams happen when you do a restaurant search and end up with a third-party website that looks official enough to belong to the desired eatery or to a legitimate delivery service.
When you click on the link, you are able to select your food and enter credit card details, similar to what you do when it’s the real deal, the BBB says.
However, this time, although the charges show up on your account, you’re going to be left hungry because the food is never going to arrive, the BBB says. Also, you have just disclosed your credit card details, address and other personal information to a bunch of thieves.
Here’s how to avoid this:
• Order only from websites you trust. “Even if you think you are on a website you know, double check the URL before you place the order,” the BBB says.
• The first time you order directly from an eatery, call to confirm that it has online ordering and that you are using the correct address.
• Use a credit, rather than debit, card to pay because you’ll be able to challenge an unauthorized charge.
• If you think you’ve disclosed information on a fraudulent website, cancel your card immediately and ask for a new one. Even if it’s been a few days since the purchase, be aware that scammers sometimes wait weeks or even months before they start using the card number for purchases.
And here’s a popular fraud that plays on the ubiquity of online shopping as well as food delivery.
Called the “last receipt” scam, it’s unleashed through an email that claims to be from Amazon, Walmart or other major retailer, according to Scam Detector, a fraud prevention website: https://www.scam-detector.com/.
The email says, “Hope you enjoyed your last shopping experience with our store. Please find your last receipt, attached, and verify the additional fees that are on the invoice. Thank you for shopping with us.”
How do scammers know someone has just shopped at Amazon, for example?
They don’t. They’re just taking a shotgun approach, but the odds are pretty good that they’ll find success just because of the online retailer’s huge volume. For example, Amazon ships about 2.5 billion packages a year, according to figures cited by Scam Detector.
The fraudulent attachment comes as a zip file and contains a virus or malware. It also could contain a “keylogger,” which records all your keystrokes as you type them. That means the scammer will have access to personal information when you open your bank account or type in your credit card number.
Here’s what to know:
• Never open attachments from someone you don’t know. If you purchase anything online, the invoice email should show the total amount in the content of the message and not just in an attachment. “Even if it says the name of the brand that you’re familiar with, carefully inspect the browser to spot any mistakes in the spelling of the website,” Scam Detector says.
• Especially ignore zip files that you aren’t expecting, regardless of where they appear to come from.
• Inspect the sender’s email. Often, it is the store’s name, followed by dot com. But if it has letters and numbers added, that’s a giant red flag.
Contact Ellen Marks at firstname.lastname@example.org or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 1-888-255-9210 or file a complaint at www.nmag.gov/file-a-complaint.aspx.