The Latest in IT Security

Fake Tumblr Marketing Blog Leads to “Viral Gift Giveaway”


Click to Enlarge

Many of the cash generating advertising gimmicks making their way across Tumblr tend to skirt around the edges of legitimacy. This one is a full on, straight up fakeout and should be ignored as such. There are two types of spam promoting the website Tumblrmarketing(dot)com – the more regular kind of spam posted to Ask boxes that we’ve seen so often before [1], and spam posted up by users themselves who unwittingly think they’re taking part in an official Tumblr promotion [2].


Click to Enlarge


Click to Enlarge

Above, you can see a regular user has posted up a “Staff Blog: Viral Gift Giveaway” image with a link claiming that “I just earned a free gift by filling out a quick survey for Tumblr marketing research. Click here to do the very same!”

As we’ll see, the site linked to is convincing enough that Tumblr users are linking to it even though they’re not entirely sure themselves. “Not really sure if legit or not, but hey, it IS the staff blog…” the Tumblr owner states, even though the linked source is absolutely not the official staff blog. Shall we take a look?

Click to Enlarge

“Fill out this form, and claim a free $100 Starbucks gift card.

With Starbucks as our latest investor, our marketing research team has aligned with them for this special offer. Help us determine our base demographics, and then help yourself to some free coffee.

Limited availability. This offer is on a first come first serve basis, and only available to the first 1,500 participants”

Uh huh. Directly below the form which asks for Tumblr user information is a note that says “posted by Topherchris”, complete with avatar. Beneath that is a collection of blog posts that look genuine. That would be because the person responsible for the above site wrapped a fake website around elements of the real Tumblr Staff blog, and changed “Tumblr Staff” to “Tumblr Marketing” directly beneath the “Staff blog Tumblr” logo to convince users of non-existent legitimacy.

Topherchris is one of the people who post to the staff blog, and indeed hovering over the date the “blog” regarding free gift cards was made (the hyperlink for the supposed post, dated May 30th) reveals that it actually links to a blog post about a Tumblr sporting event involving race cars, dated May 25th.

Click to Enlarge

Yes, they moved the date forward by five days and hoped nobody would notice (or at least click the hyperlink taking them to the unrelated sporting event post). Regardless of whether you fill in some information into the form or not, clicking the button takes the end-user to the next stage of the process (and a slick looking one, at that):

Click to Enlarge

Instead of depositing the end-user onto a survey, they want to make sure they contribute to spreading the fake blog first with an instruction to hit the “Share on Tumblr” button and reblog, then “return to claim your prize”. This is where posts such as the below are coming from, which can best be summarised as “I don’t know what this is or what it does, but I’ll reblog it anyway”:

Click to Enlarge


Meanwhile, the end-user is taken – at last – to their free $100 Starbucks gift card. Sort of. And by sort of, I mean “not even remotely close”:

Click to Enlarge

Did anyone order a sex questionnaire? Because I’m pretty sure I didn’t. Here’s a sample of how things play out behind the scenes:

Click to Enlarge

You can see the whole roadtrip, from the starting point of the fake blog, through the content located on the “eliefreview” URL and Tumblr Staff Blog data (specifically, the photoset from this post), the “starbucksframes” URL which hands the end-user the Starbucks specific content from the frames page all the way to the final destination which in this case would be the “quiz” in the screenshot above.

Speaking of the “frames page”, whoever set this up went to an awful lot of trouble to serve deal specific offers because here’s a list of their files related to the pages involved in this one:

Click to Enlarge

Above, you can see “iphoneindex”, “mcindex”, references to Starbucks, “Subindex” and a few others. Not all of these will go to plan for the person who made these frames, as not all the deals will be available in the region of the end-user (so typically they’ll end up at a ringtone ad or a survey that has nothing to do with the “frame name”) but here’s a few screenshots:

Click to Enlarge

Click to Enlarge

It may well be stating the obvious at this point, but the sites being spammed around Tumblr right now via Ask Box comments and overly optimistic reblogs of a Tumblr Staff “Viral gift giveaway” are absolutely nothing to do with Tumblr, the Tumblr staff, the Tumblr blog or anything else remotely official and Tumblrish.

Wrapping your shenanigans around the actual Staff Tumblr blog instead of just throwing up some graphics that link directly to a survey is a pretty interesting development, and just like the other fakeouts this new attempt at earning some affiliate cash will continue to fool unsuspecting Tumblr users. A keen eye will quickly spot that the links are fake, the content isn’t official and the source listed on user posts links to third party domains.

“Marketing”, it most definitely is. “Official Tumblr Blog”, it most definitely is not.

Christopher Boyd

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments