Facebook users should beware the latest scam doing the rounds on the social network. A so-called opportunity to win free tickets with Southwest Airlines may look like a dream come true, but in fact is an opportunity for scammers to harvest your information.
Naked Security reader Wayne told us that he'd seen the messages being spread from the Facebook account of his daughter and her work colleagues, and further investigation found others users' accounts being used to spread the scam links.
What's interesting, as our friends at Facecrooks point out, is that the messages are being spread via comments on other users' walls rather than as status updates.
sweet! i just got 2 free flight vouchers from Southwest Air to fly to any destination i can think of lmao! i didnt believe it would work but it was, got it here..[LINK] try for yourself i just figured i would share with everyone
hey, i got my free Southwest airfare from [LINK] u should submit for a your own pair while they are still offering them!
hi, i just got my free Southwest airfare from [LINK] you should claim your own pair while its still available!
Southwest is offering complementary flights..but for a short time only: [LINK]
wassup, i just picked up my free Southwest tickets from [LINK] you should request yours while its available!
If you do click on the links you're taken to a webpage which looks like the genuine Southwest Airlines website, but instead urges you to connect with it via Facebook.
The offer of free tickets may have proven too attractive a lure, of course, and so you might agree to proceed - whereupon you are greeted with the all-too-familiar sight of a Facebook dialog asking for your permission to install a third-party application.
This rogue application can access your profile, and post messages from your account - allowing the scam to spread widely.
You'll then be presented with a series of questions and offers, which scoop up your personal information. Would you be prepared to give this level of information about yourself to a complete stranger in the street? (Well, perhaps you would as the video we made on the roads of Bristol proved..)
But you shouldn't be so keen to share your personally identifiable information, especially when you cannot be sure what is going to be done with it.
Will we see more of these air ticket-related scams in the future on Facebook? I would bet money on it. After all, everyone dreams of the idea of flying off somewhere without having to pay for the privilege. In the past, we've seen Facebook scams regarding free tickets with JetBlue and Delta Air Lines, so it's not really a surprise to see the latest scam use a similar ploy.
If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here's a YouTube video I made which describes what steps you need to take:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 100,000 people regularly share information on threats and discuss the latest security news.
You could also do a lot worse than check out our best practices for better privacy and security on Facebook guide.Follow @NakedSecurity