Costco Thanksgiving Dinner Email Scam
Scams

Costco Thanksgiving Dinner Email Scam Uses Fake Surveys to Steal Information

By Sean Doyle · · 4 min read

The Costco Thanksgiving Dinner Email Scam is a fraudulent phishing campaign that impersonates Costco and claims the recipient has won a Complete Gourmet Thanksgiving Turkey Dinner. These emails appear to offer a free holiday meal for completing a quick survey, but the links direct victims to deceptive websites designed to harvest personal information and payment card details. None of the emails, surveys, or domains involved in this scam are connected to Costco or any authorized distributor.

Scammers rotate subjects, sender names, domains, and promotional wording. Some victims may receive messages with different product images, different URLs, or slightly altered phrasing. Despite these variations, the scam follows the same structure seen in similar reward-based scams: a fake prize email, a fraudulent survey, and a counterfeit checkout page that collects sensitive data.

The Scam Email

The phishing email arrives under the name “Costco,” but the sender domain is unrelated to the retailer. The message claims the recipient has been selected to receive a Complete Gourmet Thanksgiving Turkey Dinner. The email includes a clickable promotional image showing a holiday meal and a large red button urging the victim to “GET IT NOW.”

The example examined in this report contained a link directing users to:

https://hyrcynianturnout.autos/

This redirect is part of a rotating network of scam landing pages. These domains expire quickly or are swapped out to keep the operation active.

Costco Thanksgiving Dinner Email Scam Message

The Fake Costco Survey Page

After clicking the email, victims are taken to a fake survey that mimics legitimate promotional questionnaires. The page includes a Thanksgiving meal image, fabricated scarcity notices, and a countdown timer intended to pressure the victim into completing the steps quickly.

This stage has no real function other than to capture the victim’s attention long enough to move them to the final phishing page. The questions have no effect on eligibility and are identical across many unrelated scam campaigns.

complete gourmet thanksgiving turkey dinner phishing scam

The Fake Checkout Page

The last stage of the scam presents a professionally styled but fraudulent checkout page. It falsely claims that the Thanksgiving meal is available for only $11.52 or a similarly low fee. The page displays fake security badges, holiday-themed graphics, and detailed product descriptions to appear legitimate.

The checkout form requests:

  • Full name
  • Email address
  • Phone number
  • Physical address
  • City, state, and ZIP code
  • Credit or debit card information

No product is shipped. Instead, the scammers collect identity data and payment card details for fraudulent use or resale on criminal networks.

Domains Used in the Scam

The following domain was observed in this version of the Costco scam:

  • hyrcynianturnout.autos (redirect landing page)

Attempts to retrieve WHOIS details show limited visibility due to privacy shielding, which is common for disposable scam infrastructure. Newly registered domains with masked ownership are a consistent feature of these fraudulent reward operations. When additional domains appear in new variations of the scam, they typically display similar registration patterns. A quick WHOIS Lookup can be used to verify suspicious domains.

Red Flags in the Costco Thanksgiving Dinner Email Scam

  • Unsolicited reward emails with urgent phrasing
  • Sender domain unrelated to Costco
  • Clickable promotional images leading to unfamiliar URLs
  • Survey pages that exist only to funnel victims forward
  • Checkout forms asking for personal and financial information
  • Newly registered domains with no brand connection
  • Low shipping prices used as bait to obtain card details

Why the Offer Is Fake

Costco does not notify customers of prize selections through random emails, nor does it require shipping fees for unsolicited rewards. The rotating domains, survey funnel, payment requests, and lack of affiliation with Costco confirm that this is a phishing campaign designed to steal personal information and card data.

How to Protect Yourself

  • Do not click links in unsolicited reward emails.
  • Verify promotions directly through the official Costco website.
  • Avoid entering personal or payment information on unfamiliar pages.
  • Check sender domains carefully. Authentic Costco emails come from @costco.com.
  • Use security software to block malicious redirects and pages. Tools like Malwarebytes can help detect threats.

What to Do If You Submitted Information

  • Contact your bank or card issuer immediately.
  • Request a new card and dispute unauthorized charges.
  • Monitor your accounts for signs of identity theft.
  • Change passwords associated with compromised information.
  • Scan your device for malware if you interacted with the pages.

How to Report the Scam

For more scam alerts and cybersecurity coverage, visit the Botcrawl scams section.

Sean Doyle

Sean is a tech author and security researcher with more than 20 years of experience in cybersecurity, privacy, malware analysis, analytics, and online marketing. He focuses on clear reporting, deep technical investigation, and practical guidance that helps readers stay safe in a fast-moving digital landscape. His work continues to appear in respected publications, including articles written for Private Internet Access. Through Botcrawl and his ongoing cybersecurity coverage, Sean provides trusted insights on data breaches, malware threats, and online safety for individuals and businesses worldwide.
View all posts →

Related Posts

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.