Users who aren't cautious are signed up for unsolicited paid mobile services

Jul 12, 2012 11:27 GMT  ·  By

It’s a known fact that Facebook has acquired most of the domains that resemble “facebook.com” to avoid letting shady characters use them in their malicious plots. However, it turns out that they missed a couple of important ones: facenook.com and facevook.com.
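An added example (not from the article, AegisLab or Facebook): a short Python audit that lists single-key QWERTY-adjacent substitutions of a primary domain and reports the ones missing from a defensive-registration portfolio. The adjacent-key model and the `OWNED` list are assumptions constructed for illustration; facenook.com and facevook.com both fall out of it because N and V sit beside B on the keyboard.

```python
# Audit a defensive-registration portfolio for "fat finger" typo domains.
# Assumption: a US QWERTY layout, one substituted letter per variant.
ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]


def adjacent_keys(ch):
    """Letters physically touching `ch` on a staggered QWERTY keyboard."""
    for r, row in enumerate(ROWS):
        i = row.find(ch)
        if i < 0:
            continue
        # Same row left/right, plus the two touching keys above and below.
        cands = [(r, i - 1), (r, i + 1), (r - 1, i), (r - 1, i + 1),
                 (r + 1, i - 1), (r + 1, i)]
        return {ROWS[y][x] for y, x in cands
                if 0 <= y < len(ROWS) and 0 <= x < len(ROWS[y])}
    return set()  # digits, hyphens and so on are not modelled here


def substitution_variants(domain):
    """Map each one-letter adjacent-key variant to (position, typed, hit)."""
    label, _, tld = domain.lower().partition(".")
    variants = {}
    for pos, ch in enumerate(label):
        for key in adjacent_keys(ch):
            variants[f"{label[:pos]}{key}{label[pos + 1:]}.{tld}"] = (pos, ch, key)
    return variants


def coverage_gaps(primary, owned):
    """Variants of `primary` that are absent from the owned portfolio."""
    held = {d.lower() for d in owned}
    return {d: why for d, why in substitution_variants(primary).items()
            if d not in held}


# Constructed sample portfolio, not Facebook's real holdings.
OWNED = ["facebook.com", "fscebook.com", "facebooj.com", "dacebook.com"]

if __name__ == "__main__":
    for name, (pos, typed, hit) in sorted(coverage_gaps("facebook.com", OWNED).items()):
        print(f"{name}: '{typed}' -> '{hit}' at position {pos}")
```

Feeding the resulting gap list into registration checks or DNS monitoring is the usual next step; other typo classes (omissions, doubled letters, transpositions) need their own generators.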

Fraudsters are already taking advantage of this slip-up to advertise all sorts of fake prizes that can allegedly be won by anyone who takes a short survey and provides some basic information, AegisLab experts warn.

The interesting thing about this scheme is that the websites to which users are redirected are not the same for everyone. The site the victim is presented with depends on the country from which he/she types facenook.com or facevook.com in the browser.

This means that if the victims are located in the US, they’ll likely be presented with Walmart and Best Buy gift card offers. On the other hand, if users access the site from a country where such brands are not as well known, they’ll be presented with prizes consisting of Apple products or no-name laptops.

In both versions, users are presented with a number of gifts they must choose from before the time runs out (there’s an actual timer that shows the number of seconds left). In the second phase of the plot, a number of questions must be answered.

The prizes selected or the provided answers don’t make much of a difference since at this point, if there’s an affiliate marketing service involved, the crooks have already made a certain amount of money.

However, it’s not over yet. In order to claim the prizes, the victim must enter his/her mobile phone number and email address.

The trick in this case lies in the fine print displayed at the bottom of the page. Those who provide their phone number are actually subscribed to a paid mobile service.

The worrying part is that, in some situations, the websites the user is taken to when typing facevook.com resemble the official Facebook site a great deal. This increases the chances that someone will actually believe the prizes are from the social network.

[Image: Scam site designed for Romania]
[Image: Scam site designed for US]