The Truth Behind the Canndyy.us “Candy Giveaway” Scam

Free candy – it’s an enticing offer that seems too good to be true. And when it comes to the supposed “Candy Giveaway” on the website Canndyy.us, that old adage holds true.

Advertisement

In recent weeks, scammers have been heavily promoting Canndyy.us across social media platforms like TikTok, YouTube, and Facebook. In the ads, users are promised free shipping on a variety of name-brand candies if they go to the website and place an order. But Canndyy.us is not the sweet deal it claims to be – it’s a scam designed to trick victims into signing up for unwanted services that will cost them serious money.

In this in-depth article, we will break down exactly how the Canndyy.us candy giveaway scam operates, who is behind it, and most importantly, how you can avoid becoming a victim. We will also provide advice on what to do if you or someone you know has already fallen for the ploy.

Canndyy.us scam 1

Overview of the Canndyy.us Scam

Advertisement

Canndyy.us is a scam website that first began operating recently, though the parties behind it have likely perpetrated similar candy-themed scams in the past.

The site itself appears sophisticated on the surface, with professional branding and web design aimed at lending an air of legitimacy. However, upon closer inspection there are clear red flags like shoddy grammar, use of generic stock photos, and suspicious claims that should tip off users that Canndyy.us is a fraudulent platform executing a predatory scam scheme for financial gain. The polished appearance is just a veneer to cover the deceptive intentions of this website. In reality, Canndyy.us is specifically designed to trick and manipulate visitors for criminal purposes, with no intent whatsoever to actually ship free candy as promised.

Here’s an overview of how the scam works:

  • Scammers create TikTok, YouTube, and social media ads promoting free shipping on name-brand candies through Canndyy.us. The ads target young viewers who may be enticed by the prospect of free sweets.
  • When users visit Canndyy.us, they’re greeted with a message claiming they can get free shipping on candies within the US, Canada, and UK.
  • The website shows photos of candies like Twix, Kremery chocolate, and more – all listed at $0.
  • An “Order Now” button appears under each candy type, implying users can order these products for free.
  • When users click “Order Now,” a pop-up appears claiming they need to complete “human verification” by completing two offers to prove they aren’t a bot.
  • The offers redirect to shady websites and prompts users to enter credit card information, sign up for subscriptions, download malware – anything to get your personal and financial information.
  • Of course, victims never receive any actual candy. The whole site is a front to harvest data and sign people up for services that will bill them.

This scam is essentially affiliate marketing taken to the very extreme – by promoting “free” candy to kids and teens, then diverting them to offers that can rack up costs or compromise their devices and information.

Next, let’s take an even deeper look at how Canndyy.us operates to better understand why it’s so problematic.

How the Canndyy.us Candy Scam Works

Advertisement

The Canndyy.us scam is quite elaborate in its execution across social platforms and the custom website built specifically to mislead users. Here is a step-by-step breakdown of how it ensnares victims:

Advertisement

Step 1: Promotion of the Scam Across Social Media

The perpetrators behind Canndyy.us have leveraged multiple social platforms to promote their scam to a wide audience.

  • On TikTok, they create videos claiming users can get free shipping on major candy brands through the site. The videos use eye-catching graphics showing candy brands everyone recognizes.
  • YouTube ads also push the Canndyy.us scam using similar graphics and messaging. These video ads play before or during other content, helping it reach a lot of eyes.
  • Facebook ads complete the social media promotion trifecta, targeting teen and young adult demographics who use the platform often.

The goal is to convince social media users they can score free candy just by visiting this site. The professional promotions make Canndyy.us look credible.

Step 2: The Misleading Canndyy.us Website

When users visit Canndyy.us, the site continues the deception. The homepage states:

“Welcome To Candy GiveAways! We are excited to offer you free shipping within the United States, Canada, and the UK. Indulge in our delicious candies without having to worry about shipping costs. Don’t miss out on this sweet deal!”

Advertisement

This helps reinforce the notion that Canndyy.us will actually ship candy to customers for free.

Further down the page, users see photos of major candy brands like Twix, Hershey’s, Sour Patch Kids, M&Ms, and more. All are listed at $0, again implying you can order these candies totally free.

An enticing “Order Now” button appears below each candy image, baiting visitors to tap or click it.

Step 3: The “Human Verification” Pop-Up

When a user clicks “Order Now,” the scam pivots to its real purpose – obtaining personal and financial information.

A pop-up appears stating:

“Human Verification. Complete ‘Any Two’ of the offers below To Prove That You Are Not a BOT. Your Chance to get $750 to your cash Account! Get a $100 Walmart Gift Card! Win a $75 McDonald’s Gift Card! Add your phone number to win $100. Checking completion.”

Now the scam’s intent becomes clear. To “prove” they are human and unlock the supposed candy orders, users have to complete two “offers” – which really means signing up for products, services, or downloads that will cost money.

This pop-up uses social proof tactics as well, mentioning chances to win gift cards and cash. But in reality, your information is just being harvested at this point.

Step 4: Redirects to Shady Sites to Capture Your Info

When users click the “offer” buttons on the pop-up, it redirects them away from Canndyy.us to even shadier websites. These include:

  • Subscription scams – Sites that get your credit card information by offering “free trials” that convert into expensive monthly subscriptions. Victims only find out when they see the charges on their card statements.
  • Survey scams – Lengthy surveys that promise rewards but often just capture personal information to sell or use for identity theft.
  • Affiliate scams – Makes users input credit card or personal data under the guise of claiming “free” products that never arrive.
  • Malware downloads – Certain offers try to get users to download things that infect devices with spyware, viruses and other malware.
  • SMS subscriptions – Signs users up for premium text messaging services without consent, incurring charges.

No matter which shady offers users complete, the purpose is the same – steal money through recurring charges and/or capture personal information for identity theft and other cybercrimes.

Step 5: No Candy Ever Arrives

After personal and financial information gets compromised via the offers, users receive zero candy products. Canndyy.us clearly never intended to ship any free Twix or other candy brands.

The website and offers make big promises about free shipping, chances to win gift cards, and verification steps that must be completed. But in the end, it’s all a fraudulent front to access data and bank accounts.

Now that we’ve unpacked exactly how the mechanics of this scam works from start to finish, let’s discuss who is behind this predatory scheme.

Who is Behind the Canndyy.us Scam?

Advertisement

Pinpointing the exact individuals behind any scam website can be challenging. Perpetrators often go to great lengths to mask their identity through web host services, domain privacy tools and falsified contact information.

However, we can make some educated guesses on who is running Canndyy.us based on patterns with similar scams.

International Cybercrime Rings

Many online scams originate from international cybercrime organizations who strategically operate outside the jurisdiction of US law enforcement. Previous candy-themed schemes have been traced back to Russia, Ukraine and select Eastern European nations where underground hacking/scam networks exist.

Canndyy.us uses US web hosting and servers, but the parties behind it are likely based abroad. These sophisticated scam groups have the resources and technical skills to build an entire custom website, produce social media ads, capture user data and divert payments offshore where legal consequences are minimal.

Experienced Affiliate Marketers

Another possibility is that experienced affiliate marketers with shady business practices are behind Canndyy.us.

Affiliate marketing relies on promoting third-party offers and getting commissions when users sign up for those offers by clicking your link. Canndyy.us essentially hijacks and optimizes this model by baiting victims with free candy before redirecting them to the monetized offers.

Domestic and foreign scammers adept at black hat affiliate marketing could be operating the scam via borders and technical tricks to avoid culpability. The financialincentive of earning per sign-up makes a scam affiliate scheme highly lucrative.

Inside Job?

Some speculate that Canndyy.us could actually be an inside job perpetrated by (or with help from) people within the affiliate marketing industry itself. Those affiliates promoting mobile apps, subscriptions and other products would stand to gain as their offers get promoted to Canndyy.us victims funneled to them.

However, such a scheme would be incredibly risky and jeopardize the involved companies. More likely, the scam sends traffic/victims to ANY offers it can monetize, with or without affiliate consent.

Regardless of whether solo cybercriminals, organized scam rings or unethical affiliate marketers are behind Canndyy.us, their methods and motivations are quite clear – make quick money through deception. Next we will cover what you should do if you or someone you know has fallen victim to this scam.

How to Identify This Scam on Social Media

Advertisement

In addition to the Canndyy.us website itself, this scam leverages Facebook, Instagram, TikTok and other social platforms to promote the fake free candy offer to unsuspecting users.

Knowing what to watch out for can help you recognize these fraudulent social media posts and ads when they appear in your feeds.

Spotting the Scam on Facebook

On Facebook, the Canndyy.us scam may appear in your feed or in ads on the sidebar. Here are signs it’s the scam:

  • Bright, eye-catching graphics related to candy and phrases like “Free Candy”, “Get Yours Now” or “Limited Time Offer” in the image or ad text.
  • The post or ad copy entices people to get major candy brands shipped free or heavily discounted. Common slogans are “Warehouse Sale!” or “We’re Closing Down, Everything Must Go!”
  • Buzzwords like “Clearance Sale” “Blowout Sale” and “Going Out of Business” help create false urgency and enticement.
  • The text often claims it’s a limited chance to get free shipping on your favorite candies because the company is shutting down or clearing out inventory.
  • When you click the ad or post, it goes to the Canndyy.us website to continue the scam sales funnel.
  • Celebrity deepfake endorsements may be used, with famous faces seemingly promoting the free candy. This aims to build credibility through star power.
  • Too-good-to-be-true offers like “1,000 Reese’s Cups – $0!” can reveal it as Canndyy.us scam bait.

Essentially, be wary of any Facebook post or ad with candy giveaways that feel slightly “off” or over-the-top. The scammers use exaggerated enticements and fake scarcity to drive clicks to their site.

Identifying the Scam on Instagram

On Instagram, questionable accounts may promote the Canndyy.us free candy scam through:

  • Eye-catching posts using the same types of candy graphics, slogans and fabricated sales gimmicks.
  • Linking to the scam website in their bio or posts.
  • Using hashtags like #FreeCandy, #CandySale, #FreeShipping and others to attract people.
  • Replying to comments asking how to get the free candy with instructions to visit Canndyy.us.
  • Stolen celebrity images Photoshopped to appear endorsing the candy giveaway.
  • Videos that seem designed to go viral, featuring candy mascots, animations and music.
  • No evidence they are a real candy company – generic stock images, no company info.
  • Repetitive posts about the same “limited time” or “clearance” candy deals.
  • Comments may be disabled to prevent warnings about the scam being exposed.

Again, inflated claims of free shipping, limited time offers, and major discounts should raise red flags. Legitimate brands don’t give away massive amounts of product free.

Catching the Scam on TikTok

On TikTok, be suspicious of any videos promoting Canndyy.us free candy, including:

  • Bright, flashy videos promising free candy with urgent messages to act fast.
  • Explicit claims you can get unlimited free shipping on all the most popular candy brands.
  • Using trending audios, dance moves, and viral video styles to attract views.
  • Alleged warehouses and storefronts stocked with candy to exaggerate product claims.
  • Fake celebrity cameos telling viewers to get their free shipping.
  • Comment sections disabled to suppress warnings that it’s an obvious scam.
  • Links to Canndyy.us in bios or video captions.
  • Bot accounts that like/share the videos to boost visibility.

Essentially, critically examine any TikTok content centered on free candy giveaways, especially those directing people to external websites. Telltale signs like urgent claims, disabled comments, bots engagement and dubious videos expose the Canndyy.us fraud.

Across all platforms, using healthy skepticism rather than blindly trusting enticing free candy offers helps avoid this scam’s traps. If you spot posts that match these descriptions, report them to get the fake accounts and misleading content removed. Stay vigilant across social media to protect yourself and others!

What To Do If You’ve Fallen For the Canndyy.us Scam

Advertisement

If you entered any sensitive information, completed sign-ups or downloads through the Canndyy.us website, immediate action must be taken to protect yourself. Here are the steps to follow right away:

Step 1: Contact Banks and Credit Card Companies

If you inputted any credit/debit card information, including just the card number, contact those financial institutions immediately. Inform them you believe your cards may have been compromised through a scam website.

Request replacement cards with new card numbers to prevent fraudulent charges. Also set up alerts to monitor transactions on the prior card and accounts in case of any abuse.

Step 2: Monitor Credit Reports

Potential identity theft from scams requires checking credit reports as soon as possible for any suspicious activity.

Visit AnnualCreditReport.com to access free reports from Equifax, TransUnion and Experian. Scrutinize all recent credit inquiries, account openings and other entries that could suggest fraud.

If anything looks suspicious, report it to the credit bureau right away. Also consider placing a credit freeze with each agency to block criminals from opening new accounts in your name.

Advertisement

Step 3: Reset Online Account Passwords

If you used the same username/password combination on Canndyy.us that you use elsewhere, hackers may attempt to access your other accounts like email, social media and more.

Immediately log in and reset the passwords for any online accounts associated with the credentials entered on the scam site. Use strong, unique passwords for each account moving forward. Enabling two-factor authentication also helps prevent unauthorized logins.

Step 4: Run Anti-Malware Scans

If you downloaded anything to your device from the scam offers, it may have contained viruses, spyware or other malware.

Download legitimate anti-virus and anti-malware tools to fully scan your device. Remove anything deemed suspicious that could jeopardize your information or system security.

Step 5: Watch for Phishing Attempts

Scammers will sometimes follow up a successful con by posing as legitimate sources, like a bank or government agency, to trick you into providing more data.

Be extra diligent about not opening links or attachments in emails claiming to be related to the scam. Call the purported source directly for verification. Also beware of scam recovery services.

Step 6: Report the Scam

To help authorities catch scammers and warn others, report Canndyy.us and to any agency you entered information with, like the FTC, FBI, AG, and more. The more fraud reports these groups receive, the more likely it is action will be taken to disrupt the scam and perpetrators.

By immediately taking these steps, you can minimize damages and prevent the scam artists from fully capitalizing on any compromised information. But acting fast is critical, as online criminals tend to leverage data quickly after stealing it.

Is Your Device Infected? Check for Malware

If your device is running slowly or acting suspicious, it may be infected with malware. Malwarebytes Anti-Malware Free is a great option for scanning your device and detecting potential malware or viruses. The free version can efficiently check for and remove many common infections.  

Malwarebytes can run on Windows, Mac, and Android devices. Depending on which operating system is installed on the device you’re trying to run a Malwarebytes scan, please click on the tab below and follow the displayed steps.

Malwarebytes For WindowsMalwarebytes For MacMalwarebytes For Android

Scan your computer with Malwarebytes for Windows to remove malware

Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.

  1. Download Malwarebytes for Windows

    You can download Malwarebytes by clicking the link below.

    MALWAREBYTES FOR WINDOWS DOWNLOAD LINK
    (The above link will open a new page from where you can download Malwarebytes)
  2.  

    Install Malwarebytes

    After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.

    MBAM1
  3. Follow the On-Screen Prompts to Install Malwarebytes

    When the Malwarebytes installation begins, the setup wizard will guide you through the process.

    • You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.

      MBAM3 1
    • Malwarebytes will now begin the installation process on your device.

      MBAM4
    • When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.

      MBAM6 1
    • On the final screen, simply click on the Open Malwarebytes option to start the program.

      MBAM5 1
  4. Enable “Rootkit scanning”.

    Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.

    MBAM8

    In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.

    MBAM9

    Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.

  5. Perform a Scan with Malwarebytes.

    To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.

    MBAM10
  6. Wait for the Malwarebytes scan to complete.

    Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.

    MBAM11
  7. Quarantine detected malware

    Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.

    MBAM12

    Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.

    MBAM13

  8. Restart your computer.

    When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.

    MBAM14

Your computer should now be free of trojans, adware, browser hijackers, and other malware.

If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future.
If you are still having problems with your computer after completing these instructions, then please follow one of the steps:

Scan your computer with Malwarebytes for Mac to remove malware

Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.

  1. Download Malwarebytes for Mac.

    You can download Malwarebytes for Mac by clicking the link below.

    MALWAREBYTES FOR MAC DOWNLOAD LINK
    (The above link will open a new page from where you can download Malwarebytes for Mac)
  2. Double-click on the Malwarebytes setup file.

    When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.

    Double-click on setup file to install Malwarebytes

  3. Follow the on-screen prompts to install Malwarebytes.

    When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.

    Click Continue to install Malwarebytes for Mac

    Click again on Continue to install Malwarebytes for Mac for Mac

    Click Install to install Malwarebytes on Mac

    When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.

  4. Select “Personal Computer” or “Work Computer”.

    The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
    Select Personal Computer or Work Computer mac

  5. Click on “Scan”.

    To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
    Click on Scan button to start a system scan Mac

  6. Wait for the Malwarebytes scan to complete.

    Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
    Wait for Malwarebytes for Mac to scan for malware

  7. Click on “Quarantine”.

    When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
    Review the malicious programs and click on Quarantine to remove malware

  8. Restart computer.

    Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
    Malwarebytes For Mac requesting to restart computer

Your Mac should now be free of adware, browser hijackers, and other malware.

If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future.
If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.

Scan your phone with Malwarebytes for Android to remove malware

Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.

  1. Download Malwarebytes for Android.

    You can download Malwarebytes for Android by clicking the link below.

    MALWAREBYTES FOR ANDROID DOWNLOAD LINK
    (The above link will open a new page from where you can download Malwarebytes for Android)
  2. Install Malwarebytes for Android on your phone.

    In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.

    Tap Install to install Malwarebytes for Android

    When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
    Malwarebytes for Android - Open App

  3. Follow the on-screen prompts to complete the setup process

    When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options.
    This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue.
    Malwarebytes Setup Screen 1
    Tap on “Got it” to proceed to the next step.
    Malwarebytes Setup Screen 2
    Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue.
    Malwarebytes Setup Screen 3
    Tap on “Allow” to permit Malwarebytes to access the files on your phone.
    Malwarebytes Setup Screen 4

  4. Update database and run a scan with Malwarebytes for Android

    You will now be prompted to update the Malwarebytes database and run a full system scan.

    Malwarebytes fix issue

    Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.

    Update database and run Malwarebytes scan on phone

  5. Wait for the Malwarebytes scan to complete.

    Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
    Malwarebytes scanning Android for Vmalware

  6. Click on “Remove Selected”.

    When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
    Remove malware from your phone

  7. Restart your phone.

    Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.


Your phone should now be free of adware, browser hijackers, and other malware.

If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future.
If you are still having problems with your phone after completing these instructions, then please follow one of the steps:

Frequently Asked Questions About the Canndyy.us Candy Scam

Wondering if Canndyy.us is legitimate or have other questions about this concerning scam? This FAQ covers the key details everyone should know.

Is Canndyy.us real or a scam?

Canndyy.us is absolutely a scam and does NOT actually ship free candy as promoted. The site falsely claims to offer free shipping on major candy brands like Snickers, Twix, Skittles, etc. In reality, it is a fraudulent front to harvest personal information and sign people up for unwanted paid services. No candy is ever shipped, despite the convincing ads and website.

How does the Canndyy.us free candy scam work?

The scammers promote the site through Facebook, Instagram and TikTok ads that entice people with free candy offers. When users visit Canndyy.us, they see $0 prices on famous candies. Clicking “Order Now” triggers a pop-up demanding you complete “offers” to verify you aren’t a bot before receiving candy. These offers redirect to shady sites that steal your info or sign you up for subscriptions. Victims never get any free candy.

What happens when you try to order from Canndyy.us?

Attempting to order free candy from Canndyy.us leads to completing sketchy offers that expose you to identity theft, malware downloads, monthly subscription fees or other financial damage. No candy ever ships out, as the entire premise is fabricated to gather data and traffic.

Is Canndyy.us affiliated with candy brands like Snickers or Twix?

No. Canndyy.us has no affiliation with any major candy manufacturer. The brands are used without authorization to create perceived legitimacy and enticement. Their trademarks are illegally misused as bait. Do not trust any “free shipping” offers on authentic candy products.

Advertisement

How can you identify this scam on social media?

Watch for too-good-to-be-true candy giveaways on Facebook, Instagram and TikTok using slogans like “Going Out of Business Sale!” Bright graphics, celebrity deepfakes and viral gimmicks aim to drive site traffic. disabled comments and other red flags can reveal the fraud.

What should you do if you entered info on Canndyy.us?

Immediately contact your bank about any compromised cards. Monitor credit reports and accounts for suspicious activity. Reset passwords on any accounts using the same credentials. Run anti-malware software to check for infections. Report the scam to the FTC, BBB, and social networks. Act fast to limit damages from submitted data.

Can you get your money back if you completed offers?

Potentially, if you acted quickly enough to dispute charges and reported unauthorized transactions from the shady offers. But the scammers make it extremely difficult to hold them accountable or recover lost funds. Your best recourse is preventing the damage in the first place. Never submit payment information on unfamiliar sites pushed through social media ads.

The Bottom Line

We hope this full breakdown of how the Canndyy.us candy scam operates provides much-needed awareness to avoid more victims. The allure of free shipping on candy understandably entices kids and adults alike.

But the brutal truth is Canndyy.us will never send any free candy, only use deception to access personal and financial data. Now that you know how these scammers create legit-looking sites, place social media ads and manipulate users into clicking malicious links, you can steer clear of this online threat.

Remain vigilant about viral offers that seem too good to be true, use unique passwords for all accounts, monitor statements routinely, and implement other layers of fraud protection.

With scams like Canndyy.us on the rise, it’s crucial that consumers stay informed, proactive and engaged in stopping fraud. If we take away the ability to profit off deception, criminals will abandon such tactics and seek easier targets.

Together, we can create an online environment that rejects the underhanded social manipulation and technical exploits these scammers rely on. By immunizing yourself against these schemes through education, you’re part of the solution – and that’s sweeter than any candy.

Advertisement
How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Leave a Comment