Feeds

Grifters punt 'get rich quick' scams at Facebook users

Social networking marks made an offer you can refuse

Securing Web Applications Made Simple and Scalable

Grifters are using Facebook to lend credibility to an elaborate get rich quick scam designed to trick punters into handing over credit card details.

The ruse begins with an ad on Facebook touting an offer to "get paid for posting links – Google will pay you great money for doing this". Users who respond to the come-on by clicking on a link are taken to a page where someone who's supposedly become rich through the scheme relates his story.

On the same page there’s a link to something called a "Google advertising" kit. Surfers who decide to find more about this are taken to a page called emillionaire.inc

This, in turn, leads to another page where punters are invited to enter their details to see if they’re eligible for this type of job. Only prospective marks from the UK, US, Canada and Australia are eligible. Prospective marks are invited to pay $1.90, using a debit or credit card, to take part.

Users receive nothing in return promoting complaints on Facebook from punters who have been taken in by the ruse, net security firm Trend Micro reports.

"There’s a forum where someone called 'Sophie from Belfast' is seeking advice as she fell for the scam and is now afraid her details are out there somewhere. Someone else from the US has also posted complaints that money had been taken from her," according to Rik Ferguson, senior security advisor at Trend Micro.

"Facebook Inc is obviously realising revenue from the advertisements they serve on behalf of these scammers, which calls into doubt the efficacy of Facebook's advertiser vetting procedure," Ferguson told El Reg.

An example of a dubious money making ad circulating on Facebook can be found here.

In other Facebook-related security threat news, a picture ruse that first appeared in November has been given a new lease of life, Trend reports.

Targeted Facebook users are informed that they have been "tagged" in an album by a currently online friend. Users are invited to visit a site called Stealpics.com but this is just a ruse designed to get users onto a site punting an electronic credit card at hugely disadvantageous terms.

Previous versions of the album tagging bait sent users on a merry dance while harvesting email addresses but nothing to do with duping them into signing up for services of dubious worth, as with the latest variant of the approach. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.