Sophos Cloud Optix
Are Walmart and Ikea *really* giving away gift cards via Twitter? And, if so, would they want you to vote for your favourite character from a low-brow reality TV show?
Naked Security has written many times about the problem of gift voucher scams being spread on Facebook. Messages are posted claiming to offer gift cards for well-known brands such as Starbucks, CostCo or Argos, and when users click on the links they are tricked into completing online surveys.
Some of the scams earn affiliate income for the spammers behind them, others are designed to steal your personal information or to charge your credit card or mobile phone bill.
It seems hardly a day goes by without new survey scams rearing their ugly heads on Facebook.
But it’s not just Facebook that is being troubled by survey scams, they are being encountered on Twitter too.
In this case, a Twitter account has posted a message directed at a number of random Twitter users, including a link, and the hashtag “#walmart gift card”.
And here’s an example, claiming to be related to an Ikea gift card:
When I clicked on one of the links I was taken to a website which didn’t offer me freebies from Ikea or Walmart, but vouchers for free make-up, pizza or a £50 VISA gift card instead.
All I had to do, claimed the website, was vote for my favourite cast member of “Geordie Shore”. (For those fortunate enough not to know, “Geordie Shore” is an execrable British TV “reality” show – in the style of America’s “Jersey Shore” – following the lives of “glamorous” young people in sun-kissed Newcastle Upon Tyne.)
Of course, I visited the link from the UK. Chances are that different offers and surveys are offered if you visit from other parts of the world.
Always be suspicious of unsolicited messages – whether they be sent to you via Facebook, Twitter or email – and always be cautious about clicking on unknown links and handing over your data with the promise of receiving something in return.
And if you ever find your own Twitter account is pumping out messages without your permission, change your password and revoke permissions from any suspicious apps or websites that you may have allowed to post on your behalf.
Naked Security’s Paul Ducklin described the scam issue well in a video he made last year, when Twitter users were hit by a bait-and-switch scam offering a free iPhone spread on Twitter.
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like.)
Clearly these survey scams are making money for the bad guys – so do what you can to ensure that you aren’t making it easy to put more money into their pockets.
We just, a few minutes ago, got a text on our phone saying we had won a $1000 Walmart gift card. All we had to do was go to giftcard2.com, code word giveme to claim it. A Google search showed a site with awful spelling or typing, or just ESL errors saying it was giving $1000 Walmart cards away for online shopping. Unfortunately, my husband replied to the text saying we didn't ever shop at Walmart. Hope we are not vulnerable.
This is also the case with survey spammers cashing in on new and even upcoming consoles such as the Xbox One or the 3DS, posting links to supposed “emulators” that claim to be capable of running games from the said platforms, only to reveal that they’ll ask you to fill up such surveys before letting you download a “BIOS”. What’s insulting is that there’s really no such “BIOS” (besides that legitimate emulator authors would frown upon putting firmware images up for download as it is illegal to do so), and the “emulator” itself is nothing more than a quick pretend hackjob written in .NET with no emulation code whatsoever.