Tweet

Trend Micro has discovered a new scam spreading via Twitter that uses gift vouchers as bait. Users are repeatedly retweeting a message with a shortened URL that promises they will receive a free gift voucher from various online shops:

The shortened URL leads to a website (http://{BLOCKED}voucher.net) that entices users to complete surveys and refer their friends to the site to earn points. The points they would supposedly earn depend on the difficulty and language of the survey.  However, the survey site is not related to any of the legitimate sites that are mentioned on their page.

If users try to take a survey, they will get a window which shows their IP address:

We did not proceed any further, as it was clear that this site was engaged in suspicious behavior. Examination of the site’s WHOIS information revealed that the domain was only registered in late October, indicating that the site may have been set up to take advantage of the upcoming holidays. Twitter has also suspended the main account shown earlier, raising even more suspicions. We have since classified the website as a spam site and blocked it in order to protect users.

Trend Micro users are already protected from this threat via the Smart Protection Network™. Users are also advised to be wary about what they retweet, lest they spread information that is just plain wrong.