Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us

    For some time now we’ve been reporting about Facebook scams involving surveys that ask for victims’ mobile numbers. These have become rampant, and have used many different lures like Google+ invites
    and free Breaking Dawn Part 2 movie tickets.

    Another good example is a Facebook page we recently encountered, one claiming to be a Starbucks promo page, and offering people free coffee. Clicking the link on the page opens a new browser window, which connects to a site that triggers a series of redirections.

    Click for larger view Click for larger view

    The user is then finally led to a survey site, which asks for the user’s mobile number.

    As we’ve known from past instances of this threat, what happens when the user enters their phone number is that they get subscribed to certain services without their permission, causing them additional charges to their phone bill on a daily basis.

    We decided to dig deeper into the survey site, as it is the same site that we’ve seen in several previous attacks.

    The website, http://{BLOCKED}factory.com, is registered under ENOM Inc, a registrar known to be used by cybercriminals. It was created in 2008, and its registration expires in 2012.

    Based on its website information, it specifically targets mobile users, as the most used keywords for the site include the words ringtones, polyphonic ringtones, as well as screensavers, and wallpapers. Based on this, it is highly likely that the same guys behind this site are the same ones behind the survey scams being seen around Facebook.

    The particular scheme shares similarities with a prevalent type of mobile malware: premium service abusers. Like premium service abusers, survey scams also leave users with unwanted charges in their phone bill. The only difference is the way it is done, since premium service abusers are more intrusive, and involve a malicious file being installed in the affected device. Survey scams rely mostly on social engineering, but nevertheless leads to the same result.

    With the growing dependency of users both on mobile devices and social media, it is not surprising to see threats such as this one, wherein the vector used, is a different platform from the one that will be ultimately affected.

    Users can check out our e-book, “Spam, Scams, and Other Social Media Threats” for more information, as well as our Mobile Threat Information Hub for the latest on mobile threats..





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice