Free tickets on Southwest Airlines? It's the latest Facebook scam

Filed Under: Facebook, Privacy, Rogue applications, Social networks, Spam

Southwest AirlinesFacebook users should beware the latest scam doing the rounds on the social network. A so-called opportunity to win free tickets with Southwest Airlines may look like a dream come true, but in fact is an opportunity for scammers to harvest your information.

Naked Security reader Wayne told us that he'd seen the messages being spread from the Facebook account of his daughter and her work colleagues, and further investigation found others users' accounts being used to spread the scam links.

What's interesting, as our friends at Facecrooks point out, is that the messages are being spread via comments on other users' walls rather than as status updates.

Messages include:

sweet! i just got 2 free flight vouchers from Southwest Air to fly to any destination i can think of lmao! i didnt believe it would work but it was, got it here..[LINK] try for yourself i just figured i would share with everyone

hey, i got my free Southwest airfare from [LINK] u should submit for a your own pair while they are still offering them!

hi, i just got my free Southwest airfare from [LINK] you should claim your own pair while its still available!

Southwest is offering complementary flights..but for a short time only: [LINK]

wassup, i just picked up my free Southwest tickets from [LINK] you should request yours while its available!

If you do click on the links you're taken to a webpage which looks like the genuine Southwest Airlines website, but instead urges you to connect with it via Facebook.

Scam website

The offer of free tickets may have proven too attractive a lure, of course, and so you might agree to proceed - whereupon you are greeted with the all-too-familiar sight of a Facebook dialog asking for your permission to install a third-party application.

Southwest rogue application

This rogue application can access your profile, and post messages from your account - allowing the scam to spread widely.

Southwest 30 second wait

You'll then be presented with a series of questions and offers, which scoop up your personal information. Would you be prepared to give this level of information about yourself to a complete stranger in the street? (Well, perhaps you would as the video we made on the roads of Bristol proved..)

But you shouldn't be so keen to share your personally identifiable information, especially when you cannot be sure what is going to be done with it.

Will we see more of these air ticket-related scams in the future on Facebook? I would bet money on it. After all, everyone dreams of the idea of flying off somewhere without having to pay for the privilege. In the past, we've seen Facebook scams regarding free tickets with JetBlue and Delta Air Lines, so it's not really a surprise to see the latest scam use a similar ploy.

If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here's a YouTube video I made which describes what steps you need to take:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 100,000 people regularly share information on threats and discuss the latest security news.

You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.

, , , ,

You might like

34 Responses to Free tickets on Southwest Airlines? It's the latest Facebook scam

  1. Robert Basil · 1254 days ago

    I posted about this a few hours ago for my readers on http://www.facebookvirusalerts.com but yours includes more detail. Thanks!

  2. Brad · 1253 days ago

    Just a note for all you readers. I saw a note being passed though facebook saying that if you see the free airline ticket message and click it your computer is doomed. If you follow all the steps in the Sophos guide I highly doubt your computer will be doomed.

  3. Tina · 1249 days ago

    hi, I do not see it listed in my applications. and i can only remove the post. there is no option to remove publishing rights.

    • Mathi · 1241 days ago

      Hi Tina,

      same problem here. I only had tripadvisor as an app. I removed that.

      Not sure how they did it....

      Thx
      Mathi

  4. Lalanii · 1123 days ago

    Thank You for this

    Is anyone getting these free flights sent to them in their regular email box ? Are they the same as the facebook scams ?

  5. Steph · 1112 days ago

    I received this offer via email and they asked me to confirm my email address. I assume if I were to do so that they would spam my contacts and have access to my personal information. The email they attempted to access is the one linked to my facebook account. however, thanks to this article, I just proceeded to delete it after reading this article.

  6. sss · 1107 days ago

    i can't remove the post from the main newsfeed.

  7. Keely · 1106 days ago

    How do I unsubscribe from the emails and texts I'm receiving as a result of registering for tickets?

  8. Minnie Major · 1105 days ago

    Another BOGUS AD: Free Tickets for 2 on Southwest Airlines

  9. janaki · 1105 days ago

    The answer is simple -- DO NOT USE third-party FB apps.

  10. yves · 1103 days ago

    Again is happening :(

  11. Trisha · 1101 days ago

    yea i am recieving them in my email box and have been recieving them for a few months. They will say anything to get ur info. so watch out. They are also doing a lot of free gift cards. The last one i saw was a $100.00 for Walmart. I did receive the 2 free southwest tickets too. I checked out SW site and it didn't say anything about giving away free tickets. So this is definitely a scam!

  12. Ruth · 1067 days ago

    I did the survey for the 2 free tickets on Southwest Airlines. What a mistake that was, but you live & learn. When I tried to unsubscribe it wouldn't let me. The only way I could handle this was to report spam abuse in my E-mail, which I stated my situation about not being able to stop all the junk/spam I was getting. All of sudden the original message for the survey came up & said to select the unsubscribe button, which I did and a message came back saying they would remove me from the global list of marketers & would take 2 to 7 days....hopefully this will work.

  13. Well...it's either back or still hanging out there in the ethers. Someone on my list showed up with it today. Sent out a warning and linked to your article here. Thanks for informing about this.

  14. Moxie Lady · 989 days ago

    @docmurdock,

    I saw the same thing just now. Not only did I post this link on her Facebook wall, I posted this link for everyone to see. What amazes me is how extremely intelligent people like her, who are not normally naive, will fall for this kind of thing. Thank you Sophos. Keep up the good work.

  15. not comp literate · 980 days ago

    Just watched the video and got all cleaned up. Thanks so much for the great info and for the clean-up instructions. I'm so glad I got it all taken care of easily. Sophos Naked Securtity is GREAT!!!

  16. Alex · 923 days ago

    thanks... we were looking for tickets and found the scam/offer. I figured I go to google and do a search and found your site. Thanks for to look out!

  17. Christine · 764 days ago

    I did not receive my letter of a free SW ticket through Facebook, but directly to my email account. The letter knew that I had recently made two reservations on Southwest. This is disturbing. The scammers somehow have access to Southwest's reservation service.

  18. Guest · 757 days ago

    I got this one through email and Walmart, Target etc etc

    And I reported them to Spamcop and Yahoo.

    But it is good Yahoo is interested in The Spam, by doing NOTHING!!!!!

  19. Ironically when I just tried to add the link to this article under a Southwest ticket scam link I got the following message from facebook

    "The content you're trying to share includes a link that's been blocked for being spammy or unsafe:"

    • Ron · 580 days ago

      I got that too. What are Facebook doing about it. Blocking a legitimate warning is only helping the spammers !

  20. Z C · 657 days ago

    @Dan Russel I had the same issue. I emailed the author about it but I just realized the article is over a year old!

    The attack has evolved though as the one I found doesn't require you to authenticate with a fake app. It steals your facebook iPhone access token instead.
    That token is a lot stronger than the average. It includes hidden information like your birth year, phone number, emails etc.
    Not just about yourself, but for all your friends that have their real email/phone number in facebook (public or not).
    https://s3-us-west-1.amazonaws.com/swatickets1349...

    It also seems impossible to remove it because you can’t de-authenticate the iPhone fb app.

  21. jellis · 643 days ago

    I can't share this on Facebook. The link won't show and it gives a message I can't post this on my timeline.

    • Safe Surfer · 580 days ago

      I reported it to FB. You should too. No doubt the scammers have had it blocked.

  22. Peanut · 636 days ago

    Oh for crying out loud. Yes this is back, and facebook has this page blocked.

  23. Urtica · 580 days ago

    Tried to post link to this page as a comment to a scam post and facebook won't allow it -- this site has been marked as "spammy". Right.

  24. Valerie Hess · 579 days ago

    I fell for this and am now locked out of my Facebook page. The "security photo tag" is the southwestern airline scam and it wants me to identify people I have tagged in that "photo." It will not let me past that security question even when I hit "skip." What can I do to regain control of my Facebook account?

  25. Bonnie Licata · 575 days ago

    Me too! Please help me get my FB account unlocked. I have followed all the steps they provide, and have changed all my passwords, but when I get to FB's last step:
    "Scan and uninstall

    Click on the button below to download and install the Facebook malicious extension remover for your browser."

    And I click on that button, NOTHING happens. I am stuck. The rest of my computer seems fine. I ran a scan, it showed nothing. I have tried all the steps 20 times....it just seems to go in a circle until I get to that last step, and then it won't do anything when I click on it. So I can't get back into Facebook at all! It does say that is is temporarily locked, so it is just a matter of waiting it out? Or is there anything else I can do?

  26. James · 574 days ago

    Same exact thing here Bonnie!!

    Anybody have any answers?

  27. David · 574 days ago

    I tried to post this link on FB, FB denied the URL link. Weird!! It will allow spammers, but not articles about those spammers.

  28. Shirley · 573 days ago

    I get the message Validation is not available please try later. Also get the Southwest picture asking who I tagged. When I click skip I get nothing. Have changed my password 5 times in the last few days and still nothing. Please HELP.

  29. David · 526 days ago

    Interestingly I tried to post this page to my facebook page as a warning to others and to provide them with information and the link was blocked. I got the massage that "The content you're trying to share includes a link that's been blocked for being spammy or unsafe."

    Weird.

    • That's Facebook being a little ..err.. over-enthusiastic in its (somewhat rudimentary) attempts to stop the scam spreading.

      Unfortunately they're preventing the *warning* about the scam from spreading too.

      D'oh!

    • Pugsley · 522 days ago

      Me, too. It looks like the scammers are fighting back.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.