/ Shopping, Technology

Update: have you fallen for a scam promotion on social media?

Online voucher

Sophisticated social media scams are becoming a real concern. Not only do they pose an obvious risk to users of social networks, such as Facebook, but they’re alarmingly effective.

How do we know they’re effective? Because if they hadn’t worked, we wouldn’t be seeing them.

It’s easy to be sucked in when you see friends and family purporting these scams, but the people you trust the most are obliviously doing the fraudsters’ bidding.

How is this happening?

Dodgy social media posts spread like a virus – the scammers will often give you an incentive to click through, usually promising something for nothing, such as in the two examples we spotted (below).

Morrisons promotion scamEasyjet promotion scam

The posts have been cunningly designed to appear genuine, using official brand logos and, in the case of the Morrisons example, even going into T&Cs – right down to what the cashier should do with the ‘coupon’.

But it’s the way the scam reaches you that’s the clever part. Both these posts reached Which? staff members’ Facebook feeds by being shared by family members.

The wording ‘thanks for my gift coupon’ even makes it appear that the person you know was successful in using it, but this has been placed there by the fraudsters. The scam has practically arrived with an endorsement from someone you know well, making it all the more convincing.

Unbeknownst to the victim, clicking on these links sends your personal information to third parties, while also triggering the ‘share’ with all your friends, and on it travels.

A problem shared

Shares and likes are the currency when it comes to Facebook scams. Hoax-Slayer spotted this page (below).

British Airways scam post

The post from scammers posing as ‘British Airway’ has been designed to amass as many likes as possible, in order for it to be used for other scam campaigns (or even sold on a black market to other scammers!).

Update: 10 November 2016

Be warned! These promotions and competition scams are continuing to ‘do the rounds’ on social media. Today we’ve been made aware of an ‘Emirates’ promotion being circulated on WhatsApp, the smartphone messaging app.

This promotional message is sent straight to victims’ phones via the app. The message calls on recipients to click the link in order to claim two free tickets for an Emirates flight, made to look like the real deal with the airline’s website ’emirates.com’ at the top of the message and an image of the apparent two tickets up for grabs.

If you click the link to ‘claim’ your tickets you’re then taken to survey for you to complete in order to proceed.

Whatsapp Emirates scam

Whatsapp message

Scam survey

Scam survey

 

 

We’ve alerted Emirates to this scam promotion. We’re worried that these scams just aren’t going away and even more concerning they’re looking more convincing too.

Keeping safe

Remember to always keep a close eye on what you’re clicking on when you’re browsing your social media timelines – even if it arrives by what you think is a legitimate source.

We’d advise closely inspecting any URLs you aren’t sure about, quickly Googling the ‘promotion’, or simply asking your friend or family member if they meant to share the post. It may be an old cliché, but if it looks too good to be true, it probably is.

Have you spotted any dodgy social media posts? Do you think social networks, such as Facebook and Twitter, should do more to get rid of them from their platforms?

Comments

This comment was removed at the request of the user

This comment was removed at the request of the user

I like your ‘Clean Links’ Duncan.

I got an email from the BBC yesterday entitled Changes to your BBC iD account. If I have received emails from BBC iD before, I don’t remember them.

Hovering over links the URLs start click.e.bbcmail.co.uk. Are they meant to confuse you into thinking they are the real BBC?

There is a line that says: ‘If you are concerned that this is not a genuine email sent from the BBC we have created an FAQ page on our website explaining why you are receiving it.’ Ahh, the reassuring line……..

Then another sentence: ‘You’re receiving this transactional email message because you registered for a BBC account.’ The giveaway line that this is really spam?

But a search takes you to a real BBC page entitled: I’ve received a ‘Changes to your BBC account’ email claiming to be from the BBC – is this a genuine email?’ And it appears it is genuine after all.

It has been said before, companies could do a lot to help themselves and us by not using confusing links.

This comment was removed at the request of the user

I received the same e-mail this morning. That they have to go to so much trouble explaining that their message is not spam or a scam shows how contaminated the web is now. The more the BBC tried to convince me that their e-mail was genuine the more suspicious I became because those tactics are used by scammers themselves. I was still not 100% convinced but I gave it a go anyway as I could not find anything dubious about the text, style, or presentation. At the end of the exercise I could not really understand what benefit there was from being signed in to an account because I don’t want their e-mails anyway.

This comment was removed at the request of the user

I get so little unwanted stuff via the internet that I am not overly bothered about trackers. My browsing history is probably a lot more boring than yours, Duncan. I have opted out of 90% of the content the BBC offers and chosen not to receive their e-mails so my inbox will not be burdened. I find the organisations I deal with do what I tell them when I no longer wish to hear from them. My browsing and internet activity is limited to just a handful of carefully selected websites. I seem to be completely unsusceptible to click-bait which I think both wastes a lot of people’s time and exposes them to unwanted follow-ups.

This comment was removed at the request of the user

As I don’t remember signing up for BBC iD, I did think the email was a scam especially when they used the word transactional.

If I am at all dubious about the contents of an email, I never clink on a link, but do a search and some info will usually turn up. Making links look almost like the real ones (like bbcmail) is a sure way to fool people into thinking they are genuine.

I have Sky broadband, and as I don’t get that much spam these days, I assume Sky put a stop to a lot of it.

This comment was removed at the request of the user

I’m not worried Duncan. I might have signed up for it some time ago, and I am not going to sign in because they ask me to. I don’t even know my sign in but it is odd that they contacted me on a fairly new email address.

I do have Kaspersky with blocking enabled and it is currently blocking 11 items on the convos front page.

This comment was removed at the request of the user

I too have been receiving these emails from BBC for my BBC ID to be updated. I have tried on numerous occasions to do this without success.

I think I will simply ignore these messages in the future to be on the safe side.

In addition, every month I receive a download from Which and some days later receive an apology from Which that I was not able to receive the email and its content. As I am not so computer literate (this will change in the New Year when I go on a proper Mac course) I will just delete the message.

Well Facebook isn’t a scammers paradise for nothing. Just type “thank anniversary” (w/o the quotes ofc) into its search bar and click latest to see all the current scams.

Only yesterday one of the Facebook suggested posts ( aka paid for ads) showed a doctored image with completely incorrect text, purely to get you to click on it. The URL shown below the ad wasn’t even where clicking would take you.

Facebook should be made to carry a public security warning.

Last week I reported a dozen fake accounts to facebook that were posting scams to numerous BUY/SELL groups. Facebook actioned 2 of them, and left the ones using Hilary Clinton, Natalie Bennet and Theresa Mays images to keep spreading the scams.

I do try and warn companies about scams in their name, but I find the people dealing with their social media don’t really understand the issue.

One handy tip: if you use google , doing a RHMC on an image quote often gives you the option of searching google by image.

This comment was removed at the request of the user

Tracey smart says:
8 October 2016

yes I clicked the Morrisons coupon – got a text message I had entered a Whizz Competition – called the 0800 number and the company is Not Morrisons it is Arctic Shopping Mobile, PO box 17348, 1001 JH, Amsterdam, The Netherlands – they put phone down on me when I called them scammers. Should be stopped immediately by blocking their scams to innocent people!!!

Lionel says:
9 October 2016

I have just received two emails claiming to be from Facebook saying I have just applied to register with them, and asking me to send them them more details and to click on links. I HAVE NOT APPLIED TO BE WITH THEM. I presume it is a scam.

These scams not only apply to social media but also to e- mails. I am receiving on average 2 a day from supposed sources like Morrisons supermarket and Easy Jet to name only 2.
All I can do is delete the e- mail without opening it and try to filter them out on my providers server – but they keep on coming. We need laws to protect us from this and Soon!

This comment was removed at the request of the user

Sam Jalalabadi says:
12 November 2016

I was recently linked that Emirates offer scam via WhatsApp from a family member! I’ve flown with Emirates before and am on their mailing list. I would expect that if this offer was legitimate, it’d be mentioned within their email circular. As soon as I opened up the link, it rang alarm bells and I just closed it down and ignored.

Good to know it wasn’t a real offer!

This comment was removed at the request of the user

I delete anything that seems even slightly dodgy even though it could be genuine be extra safe rather than sorry I can always find them in my deleted box if i then have second thoughts and then study them carefully