Food-delivery company Delveroo thought it would be fun to play an April Fool’s trick on its customers in France. After all, who wouldn’t find a corporation demonstrating its human side by causing a chuckle a welcome relief amid a global pandemic?
Unfortunately, what Deliveroo France did just wasn’t funny.
It sent an email to thousands of its customers, claiming that they had ordered €466.40 (almost USD $500) worth of pizza.
According to the email, customers had ordered a whopping 38 anchovy pizzas, with 50 sachets of spicy sauce thron in for free as a loyalty bonus.
But, of course, they hadn’t really ordered that many pizzas… In fact, it’s hard to believe that anyone would order a single anchovy pizza.
Deliveroo customer Elies said that they “almost had a stroke” after receiving the fake confirmation email. And you can imagine the panic the email might have instilled in some customers, as they might have feared their bank accounts would have been debited for a ridiculous amount of pizza…
In fact, Deliveroo’s April Fool’s trick displays disturbing similarities to the scams we see arriving in users’ inboxes every day, purporting to be for expensive orders, that trick unsuspecting recipients to click on links in a panic.
The difference is, the scam emails which claim to be about bogus Amazon purchases and the like aren’t actually sent by Amazon.
As BBC News reports, many recipients of the Deliveroo email called their banks in panic and attempted to block any payment.
One angry customer posted on Twitter that Deliveroo’s bogus bill was “chicken-brain communications.”
Others said they had uninstalled the Deliveroo app in response.
The following day, following many complaints, Deliveroo posted an apology acknowledging that the email had been a “failed April Fool’s Day joke,” and admitting that the email could “mislead you and cause you unnecessary stress.”
“We are deeply sorry. Especially since the security of your data is a top priority, and under no circumstances should we have led you to think, even stealthily, that your data may have been compromised. We apply strict security procedures, so that your data is always perfectly protected. Your trust is essential and we hope you will accept our apologies.”
On the positive side, none of Deliveroo’s customers in France were scammed or lost any money as a result of the company’s dumb joke.
But if your customers learn that they cannot even trust the emails your company legitimately sends them, what chance do they have to tell them apart from the deliberately malicious scams they receive?
Yes, what Deliveroo did was stupid. And worse than that, it wasn’t even funny.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024