Phishing, donation scams and schemes that help scammers gain Twitter followers

Feb 4, 2014 09:26 GMT

American auto insurance company Esurance has been running a Super Bowl Twitter competition. Those who use the hashtag #EsuranceSave30 can win $1.5 million (€1.1 million), which is the amount of money the company has saved by running an ad immediately after the Super Bowl and not during the event.

Security experts warn that scammers are using the contest to their advantage. Symantec has spotted various types of scams.

For instance, the owners of @HelpfulTips (the “l” in “Help” is actually a capitalized “i”) have changed the account name to Esurance Giveaway. A few tweets have helped the account gain thousands of followers and over 40,000 retweets. Then, the account’s name was changed back to LifeHacks.

Other accounts created shortly after Esurance announced the competition are Esuranc, Esurnace, Esurrance, Essurance, EsuranceGW and EsuranceWinBig.

For instance, EsuranceWinBig sent out tweets urging users to donate money to increase their chances of winning the $1.5 million (€1.1 million). The account and the donation page have been shut down, but the scammers have already received $261 (€192) in donations.

Other rogue accounts have been used to lure Twitter customers to phishing sites.
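The look-alike handles named above follow a few patterns that a brand-monitoring check can flag. The Python below is an added example, not code from Symantec or the original article: it classifies a handle against a protected name as a one-edit typo (including an adjacent letter swap), a brand-plus-affix name, or a homoglyph swap. The protected handle `esurance`, the homoglyph map and the one-edit threshold are assumptions.

```python
# Added example: flag Twitter handles that imitate a protected brand handle.
# Assumed look-alike map: capital I and digit 1 read as "l", digit 0 as "o".
HOMOGLYPHS = str.maketrans({"I": "l", "1": "l", "0": "o"})

def skeleton(handle):
    """Collapse visually confusable characters, then fold case."""
    return handle.lstrip("@").translate(HOMOGLYPHS).lower()

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(candidate, protected, max_typos=1):
    """Return why `candidate` resembles `protected`, or None if it does not."""
    raw, target = candidate.lstrip("@").lower(), protected.lstrip("@").lower()
    if raw == target:
        return "same-handle"   # handles compare case-insensitively
    skel, target_skel = skeleton(candidate), skeleton(protected)
    if skel == target_skel:
        return "homoglyph"     # differs only by confusable characters
    if target_skel in skel:
        return "brand-affix"   # brand name with extra text attached
    if osa_distance(skel, target_skel) <= max_typos:
        return "typo"
    return None

# Handles named in the article plus one unrelated control (constructed list).
SAMPLES = ["Esuranc", "Esurnace", "Esurrance", "Essurance",
           "EsuranceGW", "EsuranceWinBig", "LifeHacks"]

def scan(handles, protected):
    """Map each suspicious handle to the reason it was flagged."""
    results = {h: classify(h, protected) for h in handles}
    return {h: reason for h, reason in results.items() if reason}

if __name__ == "__main__":
    for handle, reason in scan(SAMPLES, "esurance").items():
        print(f"@{handle}: {reason}")
    print("@HeIpfulTips:", classify("HeIpfulTips", "HelpfulTips"))
```

The same `classify` call works on display names, so a rename such as "Esurance Giveaway" is reported as `brand-affix`.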

“Why are these accounts being created in the first place? By riding on the popularity of the contest and the hashtag, some of these accounts have gained anywhere between 1,000 to 100,000 followers,” Symantec researchers explained.

“After that, the owners of these accounts are able to sell these fake accounts to individuals who are looking for accounts with real Twitter followers instead of fake ones. This can then be used for affiliate spam.”

Users who want to participate in Twitter contests are advised to make sure the accounts they’re following are legitimate. Most major companies have verified accounts so that users know they’re the real deal.

However, be careful, since the verified logo can be faked. If it’s legitimate, when you hover the mouse over the verified logo it should read “verified account.”