An Aussie woman has detailed her costly mistake just days after starting a new job, with the simple error leaving her $3500 out of pocket.
In a video on TikTok, the Gold Coast woman named Jackie claimed she received an email request from who she thought was her new boss, but after learning it wasn't, she realised she'd been scammed.
"Please don't tell anyone and keep it a surprise, but I want you to purchase 15 Apple gift cards for staff members for Christmas," the email supposedly said. Jackie said she asked for the company credit card details to make the purchase, but was allegedly told to use her own and that she'd be reimbursed.
New to the company, Jackie said she "wasn't going to argue back" as it was only her third day on the job so she did "what [she] was told" and purchased 15 Apple gift cards for $1500. But things took a turn when the alleged scammer requested another 20 gift cards, boosting the total spend to $3500, she claimed.
Another email allegedly followed asking Jackie for her bank details so she could be reimbursed. The request made her question the exchange so she messaged her boss.
"Just checking that's you who sent those emails off your personal Gmail asking for those Apple gift cards?" she asked him. "He calls [me] straight away and said, ‘No, that wasn’t me. You didn’t buy them, did you?'"
People warned about common phishing scam
The video ends with no explanation about what happened next, and Jackie's profile now appears to be private. The video has racked up dozens of comments from people sharing their thoughts on the matter. One claimed she'd fallen victim to what's known as "a LinkedIn scam".
"They scan the site for 'just started at...' announcements and pick a director from the company’s LinkedIn page to impersonate," one person explained, according to 7Life.
If true, Nigel Phair from the UNSW Institute for Cyber Security told Yahoo News Australia this method is "certainly an interesting one". For it to work, the victim would have had to have updated her LinkedIn profile.
"The scammers would have to know either her personal email account, which could be gleaned from other social media accounts if they don't have privacy settings, or from the LinkedIn account itself," he explained. "The other method is to determine the email address protocol, for example first email@example.com."
But regardless, "scammers love gift cards and will try a variety of methods to get people to buy them," he said. "A standard in this request was to ask the victim to buy a small amount, then keep asking until they stop (as opposed to asking for one big hit)."
Others shared their own experience with a similar scam, according to 7Life. "This exact thing happened to me but I didn't buy any," one person reportedly said. "I spoke to my manager because I thought it was strange the owner was emailing me out of hours."
"I've literally had this email today," wrote another. "Looked legit on my iPhone as well, but when viewing on Outlook you can see the dodgy email address.
Australians' $2 billion loss
This type of scam is a 'phishing scam", The Australian Communications Consumer Action Network (ACCAN) warns. "Phishing emails or text messages disguise themselves as legitimate messages, but are actually ploys to get you to reveal personal information — such as passwords, credit card numbers — or gift card codes," the ACCAN website reads.
According to the ACCC, Australians lost a record amount of more than $2 billion to scams in 2021. "Scam activity continues to increase, and last year a record number of Australians lost a record amount of money," ACCC Deputy Chair Delia Rickard said.
Do you have a story tip? Email: firstname.lastname@example.org.