Phishing scams are not new and neither are fake surveys that promise fabulous prizes to anyone willing to click on a few links. However, a new scheme seen on Facebook combines the two in an attempt to steal login credentials and redirect unsuspecting users towards websites that earn the fraudsters a commission.
This particular plot, discovered by Hoax Slayer
, advertises a replacement for Craigslist adult section.
The post that deploys the whole thing looks something like this:
Basically wanted to let you know due to the fact craig's list diabled their [expletive] section i released my own profile right here on facebook and i have a good video there also in the event your wanting for a great escort message me,
I am nineteen yr old and also I never do drugs and have no stds give it a look, tell me what you think.[link]
Curious internauts who click on the link are taken to a fake Facebook profile. This appears to be only a redirection page since the victim is almost immediately redirected to another website that cleverly replicates the social network’s official login webpage.
Those who fall for it and provide their usernames and passwords are not off the hook yet. They’re redirected to a classic survey site that attempts to lure them further by promising all sorts of prizes.
While some survey sites earn a commission for the scammers simply for the traffic they take their way, others are far more dangerous.
More recent variants ask the victim to provide personal information such as name, email address and a mobile phone number. These details may not seem much, but for a clever social engineer they could be highly valuable.
Furthermore, once users enter their phone number, they might find themselves subscribed to all sorts of mobile services that cost money.
That’s why we advise users to act with caution whenever they’re presented with such shady-looking posts.