Go Back   SZONE.US Forums > Do it yourself (DIY) > Web Tips > Web Findings

Web Findings Here you will find information about the internet.

The iPhone 6S 1 Facebook UK Scam

Views:1534
Reply
Thread Tools Search this Thread Rate Thread
  #1  
Unread 10.15.15, 01:23 PM
Zachariah Boren's Avatar
Zachariah Boren Zachariah Boren is offline
Administrator
 
Join Date: 02.07
Location: Canoga Park, CA
Posts: 928
Blog Entries: 6
Images: 10075
Send a message via ICQ to Zachariah Boren Send a message via MSN to Zachariah Boren Send a message via twitter to Zachariah Boren
The iPhone 6S 1 Facebook UK Scam

10.14.15 10:05 PM

Apple products are no strangers when it comes to the world of online scams, so it was no surprise recently when Raytheon | Websense® Security Labs™ researchers discovered a new Facebook post being shared that was offering an iPhone 6S for only £1. Of course, getting a brand new iPhone 6S for £1 sounds too good to be true, and it was, so we decided to investigate and delve deeper into this particular scam.



Raytheon | Websense customers are protected against this threat via real-time analytics with ACE, the Websense Advanced Classification Engine, at the different stages of the attack detailed below:


  • Stage 2 (Lure) - ACE has protection against the fake news article used in this scam and the scam site itself.
  • Stage 3 (Redirect) - ACE has protection against the site used to redirect users to the eventual scam landing page.

The Lure



Targets of this scam will typically see a Facebook post that has been shared by their friends and other victims of the scam, such as the one below:







Clicking on the post ends up redirecting to a fake news article on igadgete[.]com. The news article claims that a "trusted distribution partner" of Apple named "FunkyClock" is giving away iPhone 6S phones for £1 as part of a new promotion. We have also seen a French-themed version of this scam at latribune[.]igadgete[.]com.







They even try to alleviate the reader's suspicions of a scam by acknowledging that the promotion seems "too good to be true" and providing a fake testimonial from a happy consumer. Obviously, this is all a complete lie and is set to entice a user into clicking on another link in the article, which ends up redirecting through a chain of affiliate links to another site, funkyclock[.]com.







Most people would probably notice some discrepancies here and reading the terms and conditions reveals that funkyclock[.]com has a subscription model for accessing trivia games and prize draws.







If users enter their card details into this website, they will be charged a total of £75 if they do not cancel the subscription before the 3-day "trial period" is over. It is highly likely that cancelling this subscription may be difficult or impossible, so the best thing to do is to stay away from sites like this and to never enter your card details.



Traffic and Profits



Funkyclock has steadily been receiving more traffic to its site in the last few months and is currently receiving over 7 million estimated visits per month according to SimilarWeb:





If they are retaining approximately 30% of their traffic, then over 2 million users are potentially falling victim to this site. Even if only 1% of those users enter their card details and do not stop the subsequent subscription fee, that is a profit of over £1.62million per month. For that amount, they could probably get away with giving away a few iPhones. And this doesn't even take into account the revenue they could be generating just from traffic to their site and affiliates.



Summary



Always be aware of an offer that seems too good to be true, because it almost certainly always is. If in doubt, Raytheon | Websense suggests the following:



• Never enter your card details into websites that you do not know or trust.
• If something doesn't feel right, stop what you're doing and seek help.



Blog author: Nick Griffin




http://community.websense.com/blogs/...63-1-scam.aspx
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Rate This Thread
Rate This Thread:



All times are GMT -8. The time now is 04:56 AM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright 2007 - 20017 SZONE.US All rights reserved