Feeds

Grifters punt 'get rich quick' scams at Facebook users

Social networking marks made an offer you can refuse

Internet Security Threat Report 2014

Grifters are using Facebook to lend credibility to an elaborate get rich quick scam designed to trick punters into handing over credit card details.

The ruse begins with an ad on Facebook touting an offer to "get paid for posting links – Google will pay you great money for doing this". Users who respond to the come-on by clicking on a link are taken to a page where someone who's supposedly become rich through the scheme relates his story.

On the same page there’s a link to something called a "Google advertising" kit. Surfers who decide to find more about this are taken to a page called emillionaire.inc

This, in turn, leads to another page where punters are invited to enter their details to see if they’re eligible for this type of job. Only prospective marks from the UK, US, Canada and Australia are eligible. Prospective marks are invited to pay $1.90, using a debit or credit card, to take part.

Users receive nothing in return promoting complaints on Facebook from punters who have been taken in by the ruse, net security firm Trend Micro reports.

"There’s a forum where someone called 'Sophie from Belfast' is seeking advice as she fell for the scam and is now afraid her details are out there somewhere. Someone else from the US has also posted complaints that money had been taken from her," according to Rik Ferguson, senior security advisor at Trend Micro.

"Facebook Inc is obviously realising revenue from the advertisements they serve on behalf of these scammers, which calls into doubt the efficacy of Facebook's advertiser vetting procedure," Ferguson told El Reg.

An example of a dubious money making ad circulating on Facebook can be found here.

In other Facebook-related security threat news, a picture ruse that first appeared in November has been given a new lease of life, Trend reports.

Targeted Facebook users are informed that they have been "tagged" in an album by a currently online friend. Users are invited to visit a site called Stealpics.com but this is just a ruse designed to get users onto a site punting an electronic credit card at hugely disadvantageous terms.

Previous versions of the album tagging bait sent users on a merry dance while harvesting email addresses but nothing to do with duping them into signing up for services of dubious worth, as with the latest variant of the approach. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.