/ Shopping, Technology

Update: have you fallen for a scam promotion on social media?

Online voucher

Sophisticated social media scams are becoming a real concern. Not only do they pose an obvious risk to users of social networks, such as Facebook, but they’re alarmingly effective.

How do we know they’re effective? Because if they hadn’t worked, we wouldn’t be seeing them.

It’s easy to be sucked in when you see friends and family purporting these scams, but the people you trust the most are obliviously doing the fraudsters’ bidding.

How is this happening?

Dodgy social media posts spread like a virus – the scammers will often give you an incentive to click through, usually promising something for nothing, such as in the two examples we spotted (below).

Morrisons promotion scamEasyjet promotion scam

The posts have been cunningly designed to appear genuine, using official brand logos and, in the case of the Morrisons example, even going into T&Cs – right down to what the cashier should do with the ‘coupon’.

But it’s the way the scam reaches you that’s the clever part. Both these posts reached Which? staff members’ Facebook feeds by being shared by family members.

The wording ‘thanks for my gift coupon’ even makes it appear that the person you know was successful in using it, but this has been placed there by the fraudsters. The scam has practically arrived with an endorsement from someone you know well, making it all the more convincing.

Unbeknownst to the victim, clicking on these links sends your personal information to third parties, while also triggering the ‘share’ with all your friends, and on it travels.

A problem shared

Shares and likes are the currency when it comes to Facebook scams. Hoax-Slayer spotted this page (below).

British Airways scam post

The post from scammers posing as ‘British Airway’ has been designed to amass as many likes as possible, in order for it to be used for other scam campaigns (or even sold on a black market to other scammers!).

Update: 10 November 2016

Be warned! These promotions and competition scams are continuing to ‘do the rounds’ on social media. Today we’ve been made aware of an ‘Emirates’ promotion being circulated on WhatsApp, the smartphone messaging app.

This promotional message is sent straight to victims’ phones via the app. The message calls on recipients to click the link in order to claim two free tickets for an Emirates flight, made to look like the real deal with the airline’s website ’emirates.com’ at the top of the message and an image of the apparent two tickets up for grabs.

If you click the link to ‘claim’ your tickets you’re then taken to survey for you to complete in order to proceed.

Whatsapp Emirates scam

Whatsapp message

Scam survey

Scam survey



We’ve alerted Emirates to this scam promotion. We’re worried that these scams just aren’t going away and even more concerning they’re looking more convincing too.

Keeping safe

Remember to always keep a close eye on what you’re clicking on when you’re browsing your social media timelines – even if it arrives by what you think is a legitimate source.

We’d advise closely inspecting any URLs you aren’t sure about, quickly Googling the ‘promotion’, or simply asking your friend or family member if they meant to share the post. It may be an old cliché, but if it looks too good to be true, it probably is.

Have you spotted any dodgy social media posts? Do you think social networks, such as Facebook and Twitter, should do more to get rid of them from their platforms?


I do not use the social media relating to all the most popular websites but I am highly interested in those who do because from years of gathering security information from all tech. websites in this country but mostly abroad it seems those using them are very lax in their self security and get “carried away ” with giving out information to others . I am not taking into account that everything you input on them ends up with third parties for use for profit one way or another because that is taken as read but honestly hackers themselves think that those who inhabit them arent too knowledgeable about what can happen on the web. They think they are “easy meat ” all sorts of rip-off scams are perpetuated , so this will be a sort of “Gallup Poll ” on the British Publics attitude when communicating on them . It is those websites business to put forward a “friendly , social approach , and inviting to draw in more “customers ” but that to me is like the spider to the fly -come into my parlour and they did . This is mirrored in many posts in the banking Convo where many blame the banks for lack of security although others blame the users. It boils down to money to protect in any business ,so will those multi- $Billion giants of the Internet pay out to protect their clients or does profit come before security ?

I notice George mentions checking the URL , there is an add-on that can be applied to browsers called “Clean Links ” which I have on my main browser for general use . It is designed to convert obfuscated/nested links to genuine plain clean links , it also allows to remove affiliate /tracking tags from URL,s .It can be added to Firefox directly and also if you visit github.com I would NOT advise you to download it from cnet.com /download.com .

I like your ‘Clean Links’ Duncan.

I got an email from the BBC yesterday entitled Changes to your BBC iD account. If I have received emails from BBC iD before, I don’t remember them.

Hovering over links the URLs start click.e.bbcmail.co.uk. Are they meant to confuse you into thinking they are the real BBC?

There is a line that says: ‘If you are concerned that this is not a genuine email sent from the BBC we have created an FAQ page on our website explaining why you are receiving it.’ Ahh, the reassuring line……..

Then another sentence: ‘You’re receiving this transactional email message because you registered for a BBC account.’ The giveaway line that this is really spam?

But a search takes you to a real BBC page entitled: I’ve received a ‘Changes to your BBC account’ email claiming to be from the BBC – is this a genuine email?’ And it appears it is genuine after all.

It has been said before, companies could do a lot to help themselves and us by not using confusing links.

Thank you Alfa , my mind is always on “protectionism ” when it comes to the Web. I have fought many a battle against all sorts of malware, official or otherwise and ,to me, its a continuing “war ” against it. Getting rid of Windows was a major help.

I received the same e-mail this morning. That they have to go to so much trouble explaining that their message is not spam or a scam shows how contaminated the web is now. The more the BBC tried to convince me that their e-mail was genuine the more suspicious I became because those tactics are used by scammers themselves. I was still not 100% convinced but I gave it a go anyway as I could not find anything dubious about the text, style, or presentation. At the end of the exercise I could not really understand what benefit there was from being signed in to an account because I don’t want their e-mails anyway.

When you sign into an account you are saying its okay for the website to contact you with “offers ” , for it to track you over the web and use you to build up a “picture ” of what you like /buy/ and watch. It does so, so that it can “target ” you and it provides info as to the number and location etc of people that are interested in its website and business. The BBC for example has a lot of trackers and even if you delete them onsite one “bounces back ” again , you have to delete it after you leave the website , it also uses javascript and because I block it usually ( not from Which ) I either get plain text or a blank page so I get limited in the full function of the website . But it is no different from my ISP BT , if I dont allow it to track me I cant log-in or access my emails relating to BT Mail directly only using an email client , and if I dont directly access the email site , after so many months I lose the service as it loses revenue from not tracking me ( well the US company who own it does) . There is a lot more but I have been told I am boring in that direction .

I get so little unwanted stuff via the internet that I am not overly bothered about trackers. My browsing history is probably a lot more boring than yours, Duncan. I have opted out of 90% of the content the BBC offers and chosen not to receive their e-mails so my inbox will not be burdened. I find the organisations I deal with do what I tell them when I no longer wish to hear from them. My browsing and internet activity is limited to just a handful of carefully selected websites. I seem to be completely unsusceptible to click-bait which I think both wastes a lot of people’s time and exposes them to unwanted follow-ups.

Its good to have someone to talk to John.

As I don’t remember signing up for BBC iD, I did think the email was a scam especially when they used the word transactional.

If I am at all dubious about the contents of an email, I never clink on a link, but do a search and some info will usually turn up. Making links look almost like the real ones (like bbcmail) is a sure way to fool people into thinking they are genuine.

I have Sky broadband, and as I don’t get that much spam these days, I assume Sky put a stop to a lot of it.

If you dont remember signing up Alfa that has me worried because I have read the full contract you have with the BBC if you do all your sensitive details is collected and can be used as well as your political leanings . hyper links are provided to third parties .The BBC use online behavioural advertising so dont think BBC=1950,s thinking its now commercialised .

I’m not worried Duncan. I might have signed up for it some time ago, and I am not going to sign in because they ask me to. I don’t even know my sign in but it is odd that they contacted me on a fairly new email address.

I do have Kaspersky with blocking enabled and it is currently blocking 11 items on the convos front page.

Well at least this page I am posting this on seems to have a green lock which is a secure connection verified by COMODO.CA , yes I know about what trackers are on Which but are you blocking -HTML5 ? you need a specialized browser/app. I just let them track me on it , as -better the”devil you know ” type of thinking.

amarni says:
26 November 2016

I too have been receiving these emails from BBC for my BBC ID to be updated. I have tried on numerous occasions to do this without success.

I think I will simply ignore these messages in the future to be on the safe side.

In addition, every month I receive a download from Which and some days later receive an apology from Which that I was not able to receive the email and its content. As I am not so computer literate (this will change in the New Year when I go on a proper Mac course) I will just delete the message.

Well Facebook isn’t a scammers paradise for nothing. Just type “thank anniversary” (w/o the quotes ofc) into its search bar and click latest to see all the current scams.

Only yesterday one of the Facebook suggested posts ( aka paid for ads) showed a doctored image with completely incorrect text, purely to get you to click on it. The URL shown below the ad wasn’t even where clicking would take you.

Facebook should be made to carry a public security warning.

Last week I reported a dozen fake accounts to facebook that were posting scams to numerous BUY/SELL groups. Facebook actioned 2 of them, and left the ones using Hilary Clinton, Natalie Bennet and Theresa Mays images to keep spreading the scams.

I do try and warn companies about scams in their name, but I find the people dealing with their social media don’t really understand the issue.

One handy tip: if you use google , doing a RHMC on an image quote often gives you the option of searching google by image.

Right up to date with the Facebook comment William, Alex Stamos , Chief Security Officer at Facebook admits that they have BOUGHT passwords from hackers on the Black Market , he was speaking at Lisbon,s Web Summit . The passwords bought from the Black Market are those that were stolen from mass data hacks like Yahoo-Dropbox-Twitter-Linkedin-MySpace and are now offered for sale by the hackers . He admitted Facebook is the most vulnerable social website on the Web as it attracts 1.3 Billion visitors daily . To check the presence of fake logins , Facebook uses Social Graph algorithms which basically are checking the identity of YOU. Notice all the big names ? all hacked and people still wonder how scammers/hackers know all your details .The most common password on them ?? —- 123456 , no wonder hackers have an easy time of it. Facebook statistics state nearly 1 million users die every year ,they are not erased from the big data they hold and will still get birthday messages etc , a bit upsetting .

Tracey smart says:
8 October 2016

yes I clicked the Morrisons coupon – got a text message I had entered a Whizz Competition – called the 0800 number and the company is Not Morrisons it is Arctic Shopping Mobile, PO box 17348, 1001 JH, Amsterdam, The Netherlands – they put phone down on me when I called them scammers. Should be stopped immediately by blocking their scams to innocent people!!!

Lionel says:
9 October 2016

I have just received two emails claiming to be from Facebook saying I have just applied to register with them, and asking me to send them them more details and to click on links. I HAVE NOT APPLIED TO BE WITH THEM. I presume it is a scam.

David Barker says:
12 October 2016

These scams not only apply to social media but also to e- mails. I am receiving on average 2 a day from supposed sources like Morrisons supermarket and Easy Jet to name only 2.
All I can do is delete the e- mail without opening it and try to filter them out on my providers server – but they keep on coming. We need laws to protect us from this and Soon!

As this is an update on scamming practices I think it is only right that the latest news is that 300,000 Android devices are infected with a Banking Trojan relating to Google AdSense using Chrome browser they will be releasing patch for it. That is also a problem as it appears as an important update for Chrome or a famous app that people are tricked into installing and when installed it disappears from the installed list . While downloading from unknown sources is blocked normally many users seeing an update will allow it through . Another one on the move is a new Android Malware that asks for selfies —and– steals credit card details . The latest talk on the web is that the UK is getting near the top choice for hackers due to the amount of money being hacked from businesses/NHS /banks/etc

Sam Jalalabadi says:
12 November 2016

I was recently linked that Emirates offer scam via WhatsApp from a family member! I’ve flown with Emirates before and am on their mailing list. I would expect that if this offer was legitimate, it’d be mentioned within their email circular. As soon as I opened up the link, it rang alarm bells and I just closed it down and ignored.

Good to know it wasn’t a real offer!

I do have one problem , Which sent me a click on link survey ,most are okay and I can answer the questions but the latest one goes through BSD.net – Blue State Digital – a US company which my protection blanked out so I wasnt able to express my opinion. I am not saying its dangerous just it collects data to third party sources that “could ” use it to target people. It does do good things i am just trying to find out why i get a blank on it but not on previous surveys.

bishbut says:
14 November 2016

I delete anything that seems even slightly dodgy even though it could be genuine be extra safe rather than sorry I can always find them in my deleted box if i then have second thoughts and then study them carefully