COVID-themed phishes will continue to be common while the pandemic is ongoing. This one sounds too good to be true–saying that your email address was randomly selected to received sponsored products is just a ploy to get you to click on a phishing link disguised as a survey.
An interesting tactic that the phisher employed in this one is attaching a calendar file containing the same phishing link as the email message itself. This is because some calendars may default to automatically adding calendar items from incoming emails. Worse, some may even default to triggering notifications for them on your device even if you didn’t RSVP, meaning the link could appear among your device notifications (a place where the phisher is hoping your guard will be down so that you’ll be more likely to click the link).
You can read more about calendar phishes in this article from WIRED.
