A few days ago, I received an email from Jollibee‘s Happyplus that I won ₱500 in their monthly raffle draw. Cool, I thought, because as one of the first batch of users of the Happyplus Card, I have not won anything despite loading ₱500 to ₱1000 per month when the program started (I have strong doubts their raffle is real). Imagine my curiosity after receiving this email.
But, as I already had a bad experience with receiving Happyplus emails (read: Fake Spotify Login Site, Was Happyplus Compromised), I already have doubts. Sure, I was interested because in this new email they claim that they have a Happyplus app!
I checked the link and I was not surprised that the Happyplus Android app is fake. The link downloads an APK file. If this was an official app, they will link to Google Play and let users download it from there. Secondly, it should come from happyplus.com.ph at least (still not advisable).
Still, I checked Google Play and the happyplus.com.ph website for any information, nothing. There is no doubt this is another phishing scam by the same group behind the fake Spotify website coming from, supposedly, Happyplus.
I checked the Happyplus website today and they have posted an official announcement about this phishing scam.
With a correctly configured SPF, DKIM, and DMARC TXT records, almost all fake emails using their domain name will go directly to the Junk/Spam folder — even blocked by the email provider, preventing the end-user from receiving it. (Careful though with setting up DMARC, a wrong configuration will affect even official emails.)
In any case, Jollibee should have sent an email blast notifying users of this phishing scam. They send newsletters monthly, surely, informing your patrons about this phishing scam warrants an “emergency” email blast. If they did, I have yet to receive that mail and it’s 4 days since the official announcement was posted (2017-07-28).
Yet Another Fake Jollibee Happyplus Email by Yuki (雪) is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Legal Notice.