In late April, 2023, American home goods retailer Bed Bath & Beyond filed for bankruptcy protection under Chapter 11. This event was expected, due to the company’s poor performance over the last quarter before the bankruptcy. Though, not only short sellers decided to make profit on this: online scammers decided to fool people, appealing to be “sellers of the rest of the Bed Bath & Beyond goods”.
Bed Bath and Beyond Scams Filled the Web
What can be more pleasant than getting a thing you wanted at a hefty discount? Such a wish of getting things practically for free is well known to scoundrels, and they never disdain using it.
To perform their dirty deeds, they establish websites that pretend to be places where the bankrupted company sells off the rest of its stock. This fails to pass even the most basic fact-checking, as the company used other ways to liquidate its inventory upon discontinuation. But this is not that clear to people who trip through such sites and see the things they wanted to buy – and with a huge discount.
Scammers Registered Dozens of Fake Bed Bath & Beyond Sell-off Sites
The websites I am talking about are mostly hosted on .shop domains. Scammers registered dozens of them, and despite being shut down after several weeks, they still bring the hackers enough profit to keep going. And the profit there is not measured in money sums: the sites aim at collecting personal data and sometimes even credit card information. All these things cost quite a pretty penny on the Darknet, particularly on its hacker forums. I managed to collect the list of sites involved in this scam campaign. Note – these are not all the pages that appear in this scam:
- Ciutyf[.]shop
- Peneloper[.]shop
- Suewat[.]com
- Bedbathclosing[.]shop
- Monolithic[.]shop
- Prudencei[.]shop
- Lecityi[.]shop
- Closeoutsale[.]shop
- Mommyloves[.]shop
- Pacificlarks[.]shop
- Marchmax[.]shop
- Olkbmon[.]shop
- Clearancestore[.]shop
- Sosor[.]shop
All these pages, despite having more or less relevant URLs, have a pretty much the same design. Apart from that, offers are the same as well: visitors can see goods typical for the Bed Bath & Beyond chain with up to 90% off. Upon the “checkout”, victims receive a form which asks them to drop personal details for delivery. That also looks familiar, but with one simple difference: the site does not have any goods in stock. It simply collects all you type in the form, and then shows you the “estimated delivery date” which will never actually happen. Usually, data these pages gather touches user home address, email, real name, phone number, and the like. And don’t even try to contact their “support” – you will never get a response, obviously.
Scams Aim At Banking Information
Some sites among ones I mentioned above went further in the categories of data they can collect. By asking for a prepayment for ordered goods, the site initiates a redirect to a phishing copy of the payment system page. It is not likely to take your money, as such operations are relatively easy to track for law enforcement. Instead, the form sends your card number, CVV code and expiration date – the full kit needed to stripe the card down. Once you’d try to perform the payment, the site will return an error, as it simply does not have any other options. Sure enough, carding is way less profitable now than it used to be, but is still possible – and still brings money to both data stealers and its “end users”.
How can I protect against Bed Bath & Beyond scams?
Fortunately, all such scams become obvious once you are attentive enough. First and foremost, check out the information from the company’s officials. Usually, when it comes to inventory sell-off, they notify about the way it will be done. But yes, after some time, third parties that were not mentioned in the initial message will come across these goods and will market them as well. So to distinguish the fraud from a genuine offer, you should perform an analysis of the exact website.
Do not believe the offers that are too good to be true. As expected, hackers will offer the best price possible – simply to attract customers. 70, 80, 90% – they sometimes go really crazy, though it does not always work in their favour. Such generous offers are most oftenly the signs of a scam. Even though these goods were already bought at a discount, no one will sell them below this cost, if they are sane.
Check the source of the page. Websites with shopping scams are often promoted via pop-up ads and dubious banners you can come across on some pages. In particular, adware often promotes such sites, for a small pay for each viewer. If you suspect or even witnessed such an unexpected appearance of the Bed Bath & Beyond scam website, close it as soon as possible and don’t even interact with it.
Use an anti-malware program with a network filter. To make your life much easier and minimise the chance of getting on a scam page, use a program that will prevent you from visiting such questionable places. Not all solutions can offer network protection – but GridinSoft Anti-Malware does. Consider trying it out, as it is not only about online security, but also exceptional malware protection capabilities.
Stephanie, are any Bed Bath and Beyond sales websites legitimate?