The attack claims a potential reward if the end-user offers the company feedback. Instead, the end-user gets redirected to a credential harvesting page.
Now, we keep noticing more and more Walgreens-based attacks. Why? Because when something works for hackers, they are going to continue to do it until it doesn't.
Here's an example:
This email claims to offer a gift card for being a loyal customer. A quick inspection of this message will raise all sorts of red flags. The link does not go to Walgreens. The sender information is also not from Walgreens. And yet, had Avanan not blocked this email, someone could've seen the $100 and clicked without thinking it through.