Phishing Emails Lure Black Friday Shoppers with Fake Best Buy, Kohl’s and Ace Hardware Gift Card Giveaways


November 24, 2021

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Phishing Emails Lure Black Friday Shoppers with Fake Best Buy, Kohl’s and Ace Hardware Gift Card Giveaways

How would you like a couple of hundred dollars worth of gift cards for this Black Friday shopping spree? Spammers clearly understand the practicality of gift card giveaways used to promote brand awareness and increase customer loyalty, especially during the peak shopping season.

This Black Friday is no exception. Fake customer surveys and giveaways are right now phishing for user data ahead of the busiest shopping day of the year.

Bitdefender Antispam Lab has caught three ongoing phishing campaigns impersonating popular store retailers in the US, including Best Buy, Kohl’s and ACE Hardware. The fraudulent emails bait recipients with a chance to get a $50 or $100 dollar gift card by taking short customer surveys.

Most scam emails target North American shoppers and originate from IP addresses in France, Thailand and the US.

Subject lines are as follows:

  • C0nfirmed: Y0ur HUNDRED D0llar Best--Buy—Reward
  • C0nfirmed: Your__$50__Ace__Hardware__Reward
  • C0nfirmed: Y0ur Hundred D0llar K0hls Reward

The Best Buy and Kohl’s phishing campaigns appear to come from the same gang, which only adjusted the email subject and body.

A separate scam offers shoppers the chance to receive a free 65-inch Samsung TV by participating in a Best Buy Loyalty Program. Although the subject line of the fraudulent emails says the prize is free, the promotional photo says otherwise – you pay $5.95 for shipping.

This scam is also localized, targeting shoppers in North America only. The scammers’ goal is to harvest credit card details from unsuspecting users attempting to pay the shipping fees.

Shoppers should keep an eye out for scams that can also be distributed via social media or text messages. If you get this email or similar correspondence, don’t click on any links or attempt to fill out the phony survey! Those who attempt to claim these enticing rewards are led to web pages not operated by the retailers. Recipients are then asked to provide personally identifiable information including their name, address, email address, phone number and date of birth – just enough information to help commit identity theft-related crimes.

For more tips and tricks on how to spot fake survey giveaways, check our dedicated guide.

Don’t let cyberthieves ruin this holiday season! Opt for a security solution to safeguard your devices and data from malicious attacks and all kinds of fraudulent websites. Experience the best-in-class protection for Windows, Mac, Android and iOS with our extended 90-day Bitdefender Total Security trial for free to ensure safe browsing and shopping experiences online.

Safe shopping everyone!




Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.

View all posts

You might also like