Possibly the most common sham seen on social networking sites, survey scams have certainly figured prominently in this year’s Web threat story. Phishing scams aimed at sites like Facebook are also prevalent this year. Before we bid 2012 goodbye, we give you a rundown of some Facebook-themed scams and threats we saw during the last week of December.
Choose Your Facebook Theme Scam
Possibly a reincarnation of last February’s fake Facebook Valentine’s theme, we saw two scams that peddle new color themes for Facebook. The first scam promises a red or black Facebook theme. This scam was even found spreading on Tumblr.
The second scam, on the other hand, offers users more colors. Despite the added choices, the infection chain is essentially the same. Once users click the URL, they are taken through a series of redirections and finally to a phishing page.
These survey scams start out as posts from a user’s Facebook contacts. The posts are usually anchored on social engineering lures (e.g., a scandalous video or a free iPad3) to whet the user’s curiosity. Once users click the link provided in these posts, they are asked to follow certain instructions leading to several page redirections. Finally, users are asked to fill out a survey form, usually asking for personally identifiable information (PII) like mobile numbers, email addresses, etc.
Certain Direct Messages on Twitter Lead to Phishing Page
Twitter users are no strangers to such threats. To this day, they still encounter fake accounts that reply to tweets with a shortened link. In addition, we’re still seeing malicious messages sent to users’ direct message (DM) inboxes.
A recent example is a direct message we saw on Twitter that grabs users’ attention by implying that the link leads to a site that has a provocative picture of the user.
Instead, the link leads to a fake Facebook page designed to steal the users’ Facebook credentials.
So why are we still seeing these threats spreading on social networking sites like Facebook and Twitter? Like most things cybercrime-related, certain groups are earning money from this ruse. How exactly? For survey scams, the pages to which users are redirected are typically ad-tracking sites that track the number of site visits. These visits, in turn, translate to profit for cybercriminals. The information taken from the survey and phishing pages is also sold to other cybercriminal gangs or used in other money-making schemes.
If 2012 has taught us anything, it’s to be more security conscious with our digital life. Ruses like survey scams and phishing pages are not going to fade away from the threat picture anytime soon. As such, users must follow well-known best practices for social media, such as not clicking links without verifying their legitimacy, even if they came from trusted contacts on Facebook, Twitter, etc. These social networking sites also offer security features that let users report scams and other threats found on these sites.
To know more about how to make the coming new year safer and more secure for your computer and mobile devices, you may read our Digital Life e-Guide, A Guide to 2013 New Year’s Resolution.
Trend Micro Smart Protection Network protects users from this threat by blocking related malicious sites.
With additional analysis from Threat response engineers Joan Gan and Diana Lopera