Prize / Sweepstakes Fraud
Attack Trigger
Unexpected notification that you have won a prize in a contest you never entered
What Attackers Want
$500–$10,000 in escalating processing, tax, and shipping fees
How This Attack Works
Victims receive congratulatory emails, texts, or calls claiming they have won a lottery, sweepstakes, or retail prize drawing. To release the winnings, victims must pay escalating taxes, legal fees, or shipping costs. No prize exists and fees multiply with each payment until the victim stops paying or runs out of money.
Red Flags to Watch For
- ✗You cannot win a lottery or sweepstakes you never entered
- ✗Any prize requiring an upfront fee to claim is a scam — legitimate prizes do not work this way
- ✗Winner notification arrives from a free email address like Gmail or Yahoo
- ✗Prize value is extremely high to maximize excitement and override skepticism
- ✗Request for your Social Security Number or bank account to "process the award"
- ✗Requests for secrecy to prevent "disqualification"
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- congrats-winner-claim.comMALICIOUS
- sweepstakes-claim-now.netMALICIOUS
- big-prize-notification.comMALICIOUS
- reward-center-official.netMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free