We recently found Twitter spam touting “gift cards” at the tail-end of the gift-giving season. In this run, Twitter users are lured into clicking a shortened URL with the strings “#mcdonalds gift card.” McDonald’s is a globally well-known fast food chain that, like many other establishments, does offer certificates and vouchers for patrons who would like to give these as gifts or rewards.
Unfortunately, closer inspection of the shortened link reveals a URL that doesn’t seem to have anything to do with McDonald’s gift certificates.
Instead, the link leads to the following site:
Clicking the “Join Now” button leads through several redirections that finally land the user on an adult dating site.
We consider the URLs used in this attack malicious because of the deceitful manner in which they are used. The lure “#mcdonald’s gift card” would have definitely led several users to believe that some gift certificates or vouchers are being given away or discounted.
A couple of weeks ago in the US, attention was drawn to a Mystery Santa who donated $500 worth of gift cards from McDonald’s to a nearby homeless shelter. Whether or not cybercriminals got a social engineering idea from this cannot be confirmed, but in any case users are advised against clicking on links without first inspecting them. In this case, hovering on the link would have given users a clue about how to proceed. Another context clue to the illegitimacy of this spam is that users may find themselves mentioned in the same tweet with unfamiliar users or users that they do not normally follow. This is because the spam bot mentions several victimized Twitter accounts in the same spammed tweet.
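The two clues above (a brand lure whose link lands somewhere unrelated to the brand, and mentions of accounts the recipient does not follow) can be checked mechanically. The following is an added example, not code from the original post. The brand-to-domain table, the `triage` function, and the sample tweet and URLs are assumptions constructed for illustration, and link resolution is assumed to have been done elsewhere.

```python
import re
from urllib.parse import urlparse

# Assumption: lure hashtag -> domain the brand actually uses.
BRAND_DOMAINS = {"mcdonalds": "mcdonalds.com"}

URL_RE = re.compile(r"https?://\S+")
MENTION_RE = re.compile(r"@(\w{1,15})")
HASHTAG_RE = re.compile(r"#(\w+)")


def on_domain(url, domain):
    """True if the URL's host is the domain itself or one of its subdomains."""
    host = (urlparse(url).hostname or "").lower()
    return host == domain or host.endswith("." + domain)


def triage(text, final_urls, following):
    """Return the reasons a tweet matches the clues described in the article.

    final_urls maps each link in the tweet to the URL it finally lands on
    (resolved elsewhere, e.g. by a sandboxed fetcher); following is the set
    of lowercase account names the recipient follows.
    """
    reasons = []
    brands = {h.lower() for h in HASHTAG_RE.findall(text)} & set(BRAND_DOMAINS)
    for link in URL_RE.findall(text):
        landing = final_urls.get(link)
        if landing is None:
            reasons.append(f"unresolved link {link}")
            continue
        for brand in sorted(brands):
            if not on_domain(landing, BRAND_DOMAINS[brand]):
                reasons.append(f"#{brand} lure lands on {urlparse(landing).hostname}")
    strangers = sorted(m for m in set(MENTION_RE.findall(text)) if m.lower() not in following)
    if len(strangers) >= 2:
        reasons.append("mentions unfamiliar accounts: " + ", ".join(strangers))
    return reasons


# Constructed sample data (not taken from the campaign).
SAMPLE_TWEET = "@alice_ex @bob_ex @carol_ex #mcdonalds gift card http://short.example/abc"
SAMPLE_FINAL = {"http://short.example/abc": "http://dating.example/join"}
SAMPLE_FOLLOWING = {"alice_ex"}

if __name__ == "__main__":
    for reason in triage(SAMPLE_TWEET, SAMPLE_FINAL, SAMPLE_FOLLOWING):
        print(reason)
```

The host comparison is suffix-anchored on a dot, so a lookalike host that merely contains the brand's domain as a prefix is still flagged.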
This is also not the first time that McDonald’s was used as a social engineering lure. Here are just some of the incidents we’ve seen in the past:
- Getting a Taste of McDonald’s Phish Fillet
- Bogus McDonald’s, Coca-Cola Promos Used as Worm Carriers
- No Such Thing as Free Lunch, and Free Supper Will Cost You
Trend Micro™ Smart Protection Network™ protects against Twitter spam by preventing you from accessing malicious sites. Read the Web Attack Entry “Spam, Scams and Other Social Media Threats” for more tips on staying safe online.