The Latest in IT Security

Tumblr typo leads to iPad offers

17
Nov
2011

Here’s a curious instance of a URL similar to “Tumblr(dot)com that seems to have been around for a while, capitalising on any typo happy Tumblr user eager to post up an image.

Skyrim – yes, this thing – has been a big deal on Tumblr of late and I noticed when clicking on the below image that it bounced me to an offers page rather than whatever the blogger thought they’d linked to.

Click to Enlarge
You’ll note the correct URL – ending in “Tumblr(dot)com” – is in the highlighted blue box on the right. However, the blogger has attempted to enter the same URL in the “image clickthrough” box highlighted in red but managed to type littlemenbeingerased(dot)tumbr(dot)com instead. See that?

Tumbr(dot)com. One missing “l” makes all the difference!

An enterprising individual in China is responsible for that domain, and clicking the image makes this happen:


You’re taken from the Tumblr blog to a site called “video-reward(dot)com, via a URL cloak website called “Secredir(dot)com”.

Click to Enlarge
At this point, all the free iPads in the World can be yours.

Sort of.

 Click to Enlarge
Click to Enlarge
This one costs “?3 per message”, though they go to great pains to point out that this isn’t a subscription service. I think I’d still rather skip this one either way.

The Tumbr URL has been around since 2007, although a quick check of the Internet Archive shows it’s been flatlined since creation – nothing but generic landing page adverts for years. It only seems to have been reborn sometime in 2011, redirecting people to the Video-reward site that’s been registered since 2011.

Considering how popular Tumblr is, the owner of Tumbr(dot)com could be coining it in if even a small percentage of users are accidentally filling their blogs with it. Let’s be thankful it’s just offers and not malware…

Christopher Boyd and Jovi Umawing

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments