Your security is important to us which is why we want you to be aware of online scams and hoax emails, commonly known as phishing, and how you can identify them.
Scammers will attempt to trick you into giving them your email address through phony competitions or giveaways online and via social media such as Facebook or Instagram.
What to do if you receive a phishing email
If you believe you have received a McDonald’s related phishing email, report it by forwarding the email to Customer Services*
This email address is for notification purposes only and you won’t receive an individual reply. If you have any queries relating to the email or any anything else, please use the McDonalds Contact Form
What actions should you take?
- do not click on the link contained in the email
- do not reply to the email
- forward the email to Customer Services*
- delete the email
- update and perform an anti-virus scan on your computer
- update and perform an anti-spyware scan on your computer
What is a phishing email and how to spot one
Phishing is when criminals pretend to be a person or company, to get you to provide them with your personal information through an email.
Here's an example:
- Check the email address - in this case it’s not from a @maccasnews.mcdonalds.co.nz address it’s not from us.
- Errors, poor grammar and punctuation is a clear indicator of a spam email.
- The link text does not tell you where it’s linking to. You can either hover your mouse over it, or right click, then copy and paste the link into a text editor to inspect the actual link destination.
Phishing emails will direct you via a link, to enter your details at a fake website that looks almost identical to the real one. Non-McDonald’s websites or login pages can be detected by checking the link address (URL) in the browser address bar.
Often the website you’re being directed to, is also infected with malware and/or viruses, which may capture your personal information without your knowledge.
Signs to look out for:
Phishing scams can be very sophisticated, and criminals go to great lengths to make their emails and fake login pages look genuine. There are no hard and fast rules to identify a phish but you should be wary, and keep these indicators in mind when reading emails:
- Emails that do not address you by name, or do not include information within the email to prove that the sender knows you.
- Urgency or appeals for emergency help, which are designed to make you act quickly.
- Emails that ask you to update personal and financial information.
- Links or attachments from senders you don’t know, or aren’t expecting.
*This email address is for notification purposes only and you will not receive an individual reply.