The latest Facebook
scam leverages Breaking Dawn Part 2
and leads to survey pages that steal personal data such as cell phone numbers and email addresses.
Who wants free tickets to
The Twilight Saga: Breaking Dawn Part 2? To most, specifically to cybercriminals, the real question is, "Who wouldn't?"
We have encountered several incidents of clickjacking on
Facebook, which typically redirect users to a malicious survey that asks for personal information such as email addresses or mobile phone numbers.
This time around, this attack now targets users (and fans) who may be interested to watch the movie,
Twilight Saga: Breaking Dawn Part 2.
The image below shows how the page looks. The photo features celebrities, Robert Pattinson and Kristen Stewart, two of the movie's main characters.
Clicking the
Share Link button automatically posts the messages on the user's wall. Clicking the image or text, on the other hand, redirects the user to the page shown below.
The survey that the user needs to fill out before being asked for his/her email address looks like this:
Once a user provides his/her email address, the people behind this attack sends different spammed messages to his/her inbox.
After this page, a new confirmation page appears, which asks for the user's personal credentials such as cell phone number.
Clicking the
Continue button redirects the user to the page below. Needless to say, the page does not contain an e-ticket nor a free movie pass.
This page then requires the user to take another survey. Clicking the survey link, however, will display the image below.
This is actually the last page related to this supposed
Breaking Dawn free ticket promo. Clicking a
Continue button (any of three) will redirect a user to a malicious survey.
Users are advised to always be on the lookout for such threats and to avoid clicking scam links on
Facebook. Trend Micro protects product users from this attack via the
Smart Protection Network™ by blocking all related URLs.
Facebook and other social networking sites remain viable platforms for several cyber attacks. As such, social media users can protect themselves by checking out our e-book,
“Spam, Scams, and Other Social Media Threats.”