The LEGO(R) Group’s parts trading and database site “Bricklink” sent a mass email to users warning about phishing scams impersonating Bricklink on local time November 1, 2024.
Beware of Phishing Scams
Phishing is a fraudulent technique where malicious third parties impersonate companies or organizations closely related to the target in an attempt to steal personal information and account details.
According to Bricklink’s warning email, there has been a recent increase in phishing messages pretending to be from the site’s support.
The latest information about phishing scams impersonating Bricklink will be regularly updated on the site’s support forum. It would be advisable for frequent Bricklink users to bookmark this page. Phishing attempts@Bricklink
Email Notification Contents
What are the red flags to look out for in an email?
Unusual spelling in the sender’s email. Always ensure that any email claiming to be from BrickLink includes ‘bricklink’ in its domain or subdomain, without variations. Phishers often use look-alike domains to trick users, such as ‘bricklinks’, ‘brickinc’ or ‘brickIinc’. Missing and replacement letters, such as ‘I’s instead of ‘L’s, are aimed at misleading people who are scanning through emails quickly, like most of us do occasionally.
Unusual requests. BrickLink would never ask for your personal information or payment details in an email. You would only have to enter your personal information on our site when you are registering for an account or upgrading your account to become a seller. BrickLink does not process or manage payments directly, this is why whenever you are about to make a payment for your order on-site, you are transferred to one of our payment providers: PayPal or Stripe.
Sense of urgency. Phishing emails are trying to put pressure on you with immediate calls to action. Never provide personal or payment information in response to an unsolicited email or message, even if it appears legitimate. Always reach out to our helpdesk first at bricklink@support.lego.com.
What should I do if I already shared my payment information or sent payment? Please reach out to your bank or payment provider immediately and cancel the transaction or block your card.
What else should I do to keep my BrickLink account secure? One of the easiest ways to protect your account is to ensure that you have different passwords for different accounts and change them regularly. If you are a BrickLink seller, you can enable a One-Time-Pin (OTP), which will protect the most valuable parts of your store with a two-step verification process.
Be Aware of Phishing Scams
While slightly different from this phishing scam, on October 5, 2024, about a month ago, the LEGO(R) Shop official store’s homepage banner was hacked and altered to redirect to a fictitious “LEGO(R) Coin” sales site.
Furthermore, in November 2023, “Bricklink” suffered a large-scale hacking attack.
It is likely that phishing scams impersonating Bricklink or the LEGO(R) Group, as well as fraudulent calls to purchase fictitious LEGO(R) Coins, will continue to occur intermittently. Therefore, those who regularly use Bricklink or the LEGO(R) Shop official store should be mindful not to fall for these scams.
LEGO Shop Official Online Store
Best Place to buy LEGO Products
Limited, New, Best Sets. You can find every LEGO sets here.
Follow Us!
We(swooz/stds) provide the latest updates on all things LEGO(R) on platforms like X and YouTube.
Please follow us for more information across various LEGO(R) brick themes. Thank you for your support!!
- LEGO and the LEGO logo are trademarks of the LEGO Group.(C) 2024 The LEGO Group.