14 DAY TRIAL // Experts from cloud security provider Zscaler warn that iPad-related scams are still a common threat on social networking websites. Rogue Facebook profiles spread spam messages advertising a fake iPad give-away beta testing program.
"[username] want a free iPad? You got to see this site [bit.ly shortened URL]" a Facebook spam message coming from a user called Tammi Tyler, reads. "Tammi Tyler appears to be a throw-away, spam profile used for this campaign," Mike Geide, a senior security researcher at Zscaler, concludes.
Clicking on the link takes you to a page on a domain name called theigadged.com that was registered at the beginning of the month. The page is eye-catchy, looks professionally designed and claims that if you sign up with a program that involves testing an iPad for two months, you get to keep it.
This starts as a classic email harvesting scam, the sign-up form asking for your first name, last name and email address, information that will almost certainly later be used to spam you. In addition, after completing the first part of this fake registration, the scam shifts to a phishing attack and asks you to input your email address and password to automatically inform everyone in your contact list about the offer. Finally, after the registration is allegedly complete, you are taken to an online quiz, which tries to trick you into signing up for a premium mobile phone service.
The company listed on the website is called Beta Testing Inc, but it is most likely just a fake name. However, searching for it on the Internet will reveal that the same scam was performed from domains like betaincgroup.com or betatestinginc.com in May.
Additionally, it seems that Facebook is not the only social networking website this scam was spammed on. "Googling for the bit.ly link shows it spammed out to Twitter as well," Mr. Geide informs.
You can follow the editor on Twitter @lconstantin