Softpedia >News >Security >Spam Reports
Softpedia Homepage   

“Free $1,000 Best Buy Giftcard” Scams Served via SMS

Just because some scams come via text messages, it doesn't mean they're less dangerous

Jun 15, 2012 11:32 GMT  ·  By
If you see this message, delete it
   If you see this message, delete it

Marketing that’s done via SMS is not new, but more recently, cybercriminals have begun abusing this method to advertise all sorts of shady products and offers. ESET researchers detail another SMS phishing scam that users should beware of.

It all starts with an SMS that reads:

Your entry in our drawing WON you a FREE $1,000 Bestbuy Giftcard! Enter “619” at www.bestbuy.com/[redacted].biz to claim it and we can ship it to you immediately.

As you might expect, the link doesn’t actually lead to the official Best Buy site, but a suspicious domain registered trough a Bahamas company that’s famous for providing its services to online pharmacies and payment systems usually utilized by Russian cybercriminals.

Once the victim visits the site and enters the “619” code, he/she is taken to another website where all the fun begins.

The terms and conditions on the suspicious domain reveal that in order to win the $1,000 (760 EUR) gift card, the user must provide an email address and other contact information, purchase six products, and refer another ten other friends who must also buy six items.

The contact information is not only used to send more advertisements, but it can also be sold to other companies, as it clearly states in the terms and conditions section of the site.

You may be tempted to believe that for all those purchases and all the hard work you’re going to receive that highly promised gift card, but you are wrong. This is a scam and no matter what you do you will never get a dime.

So, let’s take a look at what to do to avoid such scams, commonly referred to as “SMSishing” or “Smishing”.

First of all, as ESET’s Distinguished Researcher Aryeh Goretsky highlights, it’s all a matter of “impulse control.” Always remember that no one is going to hand you over large amounts of money or fancy gadgets just because you provided an email address and clicked on a few buttons.

If you fear that you might give in to the temptation, use a mobile security software, as they’re usually capable of identifying a scam before it can cause any damage.