Scam Alert: Fake Sephora Advent Calendar Ads and WhatsApp Messages Flood Europe in 2025

The Sephora Advent Calendar Scam Returns for the 2025 Holiday Season

The Sephora Advent Calendar scam is back and it’s spreading faster than ever. After circulating widely in 2024, the scam has resurfaced in time for the holiday season. This time, it combines WhatsApp messages, sponsored Facebook ads, and fraudulent websites to trick users across Europe.

People receive messages promising a free Sephora Advent Calendar 2025, complete with enticing photos and convincing branding. The message often includes a link that looks legitimate, such as:

https://sephora[.]fr@walinkr.cc/FNQeTPxB/?promo-calendrier-avent-2025.html

At first glance, it appears to point to Sephora’s French site, but everything before the “@” symbol is a decoy. The real domain is walinkr[.]cc, a fraudulent link used in phishing and malware campaigns.

How the Scam Works

Unlike last year, this year’s scam isn’t just spreading through fake sponsored ads; it’s  amplified by consumers who fall for the initial bait and forward the link to their WhatsApp contact lists.

Users receive a message or ad claiming they can win a “luxurious Sephora Advent Calendar 2025” by filling out a short survey.

The site, which copies Sephora’s branding, asks four easy questions, including “Have you heard of Sephora?” or “Would you recommend our products?”

Once users complete the quiz, they’re told they’ve “won” a calendar. To claim it, they must forward the link to all WhatsApp contacts, turning them into unwitting scam promoters.

After sharing the link, victims are redirected to fake checkout pages or subscription traps requesting personal details or payment information, which can later be exploited for identity theft or fraudulent charges.

Bitdefender Labs data show that this campaign is running in multiple countries, primarily:

The numbers reveal how the scammers tailor their content to European audiences, using localized languages and pricing to build trust.

Fake Ads Boost the Scam’s Reach

These fake ads mimic real promotions, using friendly, conversational language like:

“My sister works at a beauty store and told me about a secret offer before Christmas…”

Each ad includes stolen product photos, false testimonials, and localized currencies (€1.99, 35 lei, £10), making them seem more credible. Many even claim to be “limited-time offers” tied to Black Friday or “leftover stock” from last year’s Advent Calendars.

Sephora Confirms There’s No Giveaway or Promotion

After a flood of user reports, Sephora Romania publicly warned consumers that it is running no Advent Calendar giveaway, raffle, or promotion.

“We do not organize any contest, giveaway, or event offering an Advent Calendar. Please do not provide your contact details, card information, or other personal data.”

Sephora’s official communication channels remain limited to its verified website (sephora.ro, sephora.fr, sephora.es, etc.) and its official Instagram, Facebook, and TikTok pages.

How to Stay Safe from the Fake Sephora Advent Calendar Scams

1. Check the domain carefully. Official Sephora websites never include “@” in their URLs and always end in country domains like .fr, .ro, or .es.
2. Don’t click on suspicious links received via WhatsApp, Messenger, or social media comments.
3. Ignore “forward to friends” requests. This is a manipulation technique to make scams spread virally.
4. Use free tools like Bitdefender Scamio or Bitdefender Link Checker to verify suspicious links before clicking.
5. If you’ve clicked or shared the link:
   • Stop sharing it immediately.
   • Run a full scan on your device.
   • Change passwords on accounts linked to your phone or email.

We expect such attacks will likely increase as Black Friday and Christmas promotions ramp up.