|
For some time now we’ve been reporting about Facebook scams involving surveys that ask for victims’ mobile numbers. These have become rampant, and have used many different lures like Google+ invites
and free Breaking Dawn Part 2 movie tickets
Another good example is a Facebook page we recently encountered, one claiming to be a Starbucks promo page, and offering people free coffee. Clicking the link on the page opens a new browser window, which connects to a site that triggers a series of redirections.
 |
 |
The user is then finally led to a survey site, which asks for the user’s mobile number.
We decided dig deeper into the survey site, as it is the same site that we’ve seen in several previous attacks.
The website, http://{BLOCKED}factory.com, is registered under ENOM Inc, a registrar known to be used by cybercriminals. It was created in 2008, and its registration expires in 2012.
Based on its website information, it specifically targets mobile users, as the most used keywords for the site include the words ringtones, polyphonic ringtones, as well as screensavers, and wallpapers. Based on this, it is highly likely that the same guys behind this site are the same ones behind the survey scams being seen around Facebook.
The particular scheme shares similarities with a prevalent type of mobile malware: premium service abusers. Like premium service abusers, survey scams also leave users with unwanted charges in their phone bill. The only difference is the way it is done, since premium service abusers are more intrusive, and involve a malicious file being installed in the affected device. Survey scams rely mostly on social engineering, but nevertheless leads to the same result.
With the growing dependency of users both on mobile devices and social media, it is not surprising to see threats such as this one, wherein the vector used, is a different platform from the one that will be ultimately affected.
Users can check out our e-book, “Spam, Scams, and Other Social Media Threats” for more information, as well as our Mobile Threat Information Hub for the latest on mobile threats..
Leave a reply
