Twitter scam promises free iPad, and spam

Filed Under: Apple, Data loss, Social networks, Spam, Twitter

An attack on Twitter users is going around via direct messages (DMs) again. This time the lure is a free iPad, a scam we have seen making the rounds on Facebook and in email as well. Paul Ducklin recently did a street survey in Singapore showing just how many people can be lured by offers that are too good to be true.

Screenshot of free iPad promises

The DMs contain the message "Here you can get free IPAD http://tinyurl.com/CENSORED just register." They are hiding behind a TinyURL that after more than 8 hours of abuse is surprisingly still active. Fortunately Twitter seems to have disabled access to the API key being used by the perpetrators.

Whois of scam domain

Domain registrations can't always be trusted, but I do believe this one is plausible. This domain is registered to an individual in the Ukraine with some false details. Now, if you were tempted by these messages initially, how likely is it that someone in the Ukraine is doing iPad market research and wants to give you an iPad?

Those who come up with these scams are clearly the responsible parties, but those who are tempted by these thinly veiled ruses are equally responsible. No one is going to give you a $600 device for responding to a survey. No one who needs people to "test" a popular product is going to solicit people to do so through an open-ended social media campaign. Oprah is not going to offer you a free car via Twitter -- you actually need to go to Harpo Studios.

If you surrender your Facebook or Twitter credentials with the hopes of getting something for nothing, you will in fact get something. You will get a bad reputation among your friends and colleagues and potentially have your credit, identity, or computer resources stolen. If you received one of these direct messages from a friend please counsel them not to fall for this kind of thing. If you were one of the ones tempted, let's call this one a lesson learned and please be more careful in the future.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.