JetBlue tickets scam spreads via Facebook, tricks Jezebel

Filed Under: Facebook, Mobile, Social networks, Spam

Facebook users are seeing lots of messages claiming to link to a special JetBlue Airways offer, claiming they can get free tickets. Unfortunately, anyone who clicks on the link is in danger of signing-up for a premium rate mobile phone service.

The messages look something like this (the precise wording may vary):

Jet Blue scam

JetBlue Airways
Your Free Trip
2 Free JetBlue Airways Tickets - Facebook Users Only

The scam has been spread more widely, in part, because the Facebook page belonging to Jezebel.com (a women's lifestyle blog, part of the Gawker network) passed on the message to its 30,000+ fans.

Jezebel's Facebook page. Click for larger version

If you were to click on the link you are taken to a webpage (with a large version of the JetBlue Airways logo in the background) which asks you to "Facebook Connect" with the site in order to access the alleged special offer.

Jet Blue scam

If you do that then Facebook asks if you want to give permission for an application called "JetBlue Family" to gain access to your account information, including the right to email you and post messages to your wall.

Jet Blue scam

Proceeding further, however, takes you to page which attempts to make money for the scammers - either in the form of a revenue-generating survey or, in my case, a page which tries to trick you into signing up for an expensive premium rate cell phone service (charged at £4.50 per week).

Jet Blue scam

In the meantime, the scam has already been posted onto your own Facebook wall, trying to trick your online pals and family into making the same mistake.

Hopefully, this article will act as an important reminder for folks to read the small print, and be very careful what applications they allow to gain access to their Facebook account. And owners of pages with tens of thousands of followers like Jezebel need to be much more careful what they do regarding their online safety too.

If you've been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.

And if you're a keen user of Facebook, you should join the thriving community on the Sophos Facebook page.

, , , ,

You might like

8 Responses to JetBlue tickets scam spreads via Facebook, tricks Jezebel

  1. ans_Miami · 1257 days ago

    What kind of moron company running a facebook page passes this along to its followers before looking into the site!?!?

    • My guess is that the administrator of the page simply fell for the scam like any other Facebook user.

      They probably didn't knowingly post the link to the Jezebel page, but instead the rogue application posted it to the page automagically (without the administrator's knowledge). That's one of the issues when you give a third-party Facebook application permission to post to your wall and pages..

      They seem to have removed the offending message now from the Jezebel page. Hopefully they'll also warn their users of the danger, in case any were tempted to click on it.

  2. Rob · 1257 days ago

    I'd also suggest anybody who experienced the text signup option take a few moments to visit http://www.phonepayplus.org.uk/output/Make-a-comp... and complain about the promotion of this service.

    • I'd be interested to learn more about the text signup you are talking about.

      As for the PPP, PhonepayPlus tends to look mostly at the content providers who wind up sucked into these scams. The regulator has very little other point of entry into the market,s o CPs are always scrutinized first. Otherwise, the PPP Tribunal has been doing a good job of working with content providers to address these messes.

  3. LYM · 1167 days ago

    Thank you for this. I laid awake wondering how to stop this scam from sending more messages to my FB friends. You just solved it for me! Whew!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.