Sophos Cloud Optix
I often keep my eye on Google Trends for the latest sources of threats and scams. As Onur and I discussed in our podcast on Blackhat SEO, the groups behind the manipulation of search results are automatically consuming the latest popular searches from Google Trends and doing their best to place their malicious/spam content at the top. Over the past few months, Google has done a great job at keeping the bad results out, but tonight they slipped up a bit.
The good news is that no malware is involved. The bad news is that money-making scams can use many methods aside from infecting your PC, and tonight’s story is no exception. It begins with a popular Google search: “the 100% most genius reply to a threatening formspring question!”.
Formspring.me, by the way, is a social media site that allows others to anonymously ask you personal questions. The site is controversial because its anonymity leads some to use the site for bullying and other bad behavior.
Clicking on the Facebook result, the seemingly credible one, leads you to a Facebook fan page that says you should “like” the page to see the answer, struck through in red. I’ve blacked out the crude content in the question.
Once you have “liked” the page it presents you with a link that reads “Want to see the 100% most GENIUS formspring reply? Click here!” Unfortunately, clicking the link takes you to a blogspot.com page with a popup saying you must complete a quiz to see the answer. This is the same result you get when you click the other dodgy link from the Google search results.
No matter which quiz you pick, you get the same result: a Flash-like quiz that requests your cell phone number so they can presumably contact you to give you the prize and inform you of further quiz opportunities to increase your chances of winning.
As with all things that seem too good to be true, the fine print reveals that you will be sent additional quiz entries for $2 apiece four times per week. $32 a month is a pretty good take for the price of a single iPad.
Additionally, the answer, which is freely available on www.bypassfanpages.com, is not only vulgar, but pointless. I had no idea what Formspring was before tonight, but from a security perspective, it seems to be yet another way to publicly disclose personal information that can be used to impersonate you or steal your identity.
Any way you look at this situation, it will result in disappointment in the long run. Don’t let your curiosity get the better of you.