A couple of clicks and a malicious scheme is already earning money for the crooks

May 16, 2012 09:32 GMT

A few days ago we reported that Websense specialists found a number of toolkits used by fraudsters to launch scams on Pinterest. Now, McAfee experts have also identified such tools, and they reveal that the spammers don’t even need much skill to launch their campaigns.

“These tools are so easy that many require only the attacker or scammer to change a couple of lines of code in the available kit. They can literally start a new Pinterest scam within minutes!” McAfee’s Hardik Shah wrote.

The researcher reveals that these tools come bundled with everything one needs to quickly start a malicious operation. These components can include comment posters, mass like tools, account creators, and even mass follow apps.

One example is the Pinterest Content Locker. When deployed, it displays a window with a message that reads “Content Locked! To access this content please pin our page.” It’s as easy as taking “pins” from a baby.

Some tools, such as the Pinterest Amazon Product Submitter, allow the scammers to earn a lot of money via referral links. The application scans Amazon for products based on keywords chosen by the fraudster and then submits them to Pinterest.

When the unsuspecting user clicks on the post, he/she is redirected to the crook’s site, which contains another redirect script that points to Amazon. Because this second redirect embeds the affiliate Amazon ID, the spammer earns money.
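For defenders reviewing pinned links, the redirect pattern described above can be checked offline against recorded redirect chains. The following Python sketch is an added example, not code from McAfee or from the kits; it assumes the affiliate ID travels in Amazon's `tag` query parameter, and the function names, hosts and IDs are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: Amazon affiliate IDs travel in the "tag" query parameter.
AFFILIATE_PARAM = "tag"
MERCHANT_SUFFIXES = ("amazon.com",)  # assumption: merchant domains to watch


def _host(url):
    return (urlsplit(url).hostname or "").lower()


def _is_merchant(host):
    # Exact or subdomain match only, so look-alike hosts do not qualify.
    return any(host == s or host.endswith("." + s) for s in MERCHANT_SUFFIXES)


def audit_chain(chain):
    """chain: ordered URLs a click passed through, starting with the pinned link.

    Returns a finding dict when a non-merchant hop hands the user to a
    merchant URL carrying an affiliate ID, otherwise None.
    """
    for prev, url in zip(chain, chain[1:]):
        host = _host(url)
        if not _is_merchant(host) or _is_merchant(_host(prev)):
            continue
        tags = parse_qs(urlsplit(url).query).get(AFFILIATE_PARAM, [])
        if tags:
            return {"intermediary": _host(prev), "merchant": host,
                    "affiliate_id": tags[0], "hops": len(chain) - 1}
    return None


# Constructed sample chains (example.* hosts and IDs are made up).
SAMPLE_CHAINS = [
    ["http://pins.example.net/p/123",
     "http://deals.example.org/go.php?id=9",
     "http://www.amazon.com/dp/B000000000?tag=constructed-20"],
    ["http://www.amazon.com/dp/B000000000"],            # direct link, no ID
    ["http://blog.example.com/review",
     "http://www.amazon.com/dp/B000000000"],            # redirect without an ID
    ["http://notamazon.com.example.org/x?tag=abc-20"],  # look-alike, single hop
]


def audit_all(chains=SAMPLE_CHAINS):
    return [audit_chain(c) for c in chains]


if __name__ == "__main__":
    for chain, finding in zip(SAMPLE_CHAINS, audit_all()):
        print(chain[0], "->", finding)
```

A hit is a lead for review, not a verdict: legitimate affiliate sites produce the same chain shape, so the intermediary host and the volume of pins pointing at it decide whether it is spam.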

Another good example is the mass shortened link generator, which creates random links for the plot’s main URL.

There’s also a program that checks the type of device a potential victim is using to access the phony page. If the visitor is surfing the web from a mobile device, a different type of page can be loaded.

All the pieces of software, including the mass follower bot, the mass comments tool, and the one designed to generate Pinterest invites, come with detailed documentation, giving wannabe scammers the opportunity to launch their plots simply by entering some data and pressing a few buttons.