Notice the legitimate address for DoneDeal up there? It’s http://www.donedeal.ie, the home page of a legitimate Irish commercial site.
No surprises, then, that when the email leads you to http://recza.com.mx/donedealone/[obfuscated], red flags wave, sirens blare, and bells ring. Why would DoneDeal be using a web host in Mexico?
Of course, they wouldn’t. This is a phishing scam, pure and simple. I’ve received two in the last couple of days, the second pointing to a different website after the first one was shut down. You fill out an innocent-looking survey (and if you believe that they will pay you €150.00 for that 30-second effort, I have a bridge I’d like to sell you) and then you’re taken to a page where you enter your credit card details and other critical personal information:
Most of my readers here know how to recognize a phishing scam from miles away, but most of us have loved ones and friends who may not be computer literate. Protect them; educate them; teach them NEVER to give out their financial data online unless they know what they’re doing.
DoneDeal knows about these bottom-feeders; whether they can do anything about them is debatable, but forewarned is forearmed.
The Old Wolf has spoken.