Fraudsters are ramping up for the summer season by launching a new wave of phishing scams targeting holiday makers.
Facebook users are the latest to be targeted with a scam that claims to come from Walt Disney World offering 5 free tickets per family to celebrate its 50th anniversary.
The post includes an image that appears to be one of the free tickets but as we’ve seen in similar scams, it’s nothing but a ruse to trick the user into believing it’s a legitimate giveaway.
If users click on the post, they are redirected through to a website where they are asked to complete a short survey on Disney World before applying for their free tickets.
The website then appears to verify the survey before notifying the user that they’ve been selected as the winner of the free tickets. Of course, there are no free tickets and the scam is just a cunning way to harvest personal details, fill pages with spam or deliver malware.
In order for their scam to reach as wide an audience as possible, the user is then asked to like and share the page before they can receive their free tickets.
An increasing number of fake pages on Facebook are specifically designed to increase their popularity by tricking users into liking them. This is commonly known as ‘Like-Farming’.
The goal of the fraudsters is to increase the value of the Facebook page so it can be sold on the black market or used to distribute further scams. The more likes a page has, the more profitable it becomes.
But the scam doesn’t end there. Even after the user has completed the survey and liked and shared the page, they are instructed to verify their entry by clicking on a link. This opens a third-party website that promises more prizes if the user enters detailed personal information.
Users should be extra vigilant on social media and do their research before entering any competitions or giveaways for free tickets. It’s worthwhile going directly to a company’s website to check if they are running the same promotion. If there’s no mention if it on their site, chances are it’s a fake.
To avoid be duped by one of the many scams on social media, there are a number of precautionary measures you should take:
- Never click on links or download attachments from unknown sources
- Look for the blue tick – If you’re on the Facebook page of a legitimate company, it should have a blue tick which means it’s a verified account.
- Find out when the page was created – Check to see when the page was created, what information’s on it and how far back the posts go. If it’s only recently been created, it’s more than likely fraudulent.
- Check for terms and conditions – All competitions in the UK must have terms & conditions and these must be easily accessible to all entrants. If there are no T&C’s, suspicions should be raised.
- Install Anti-Virus Software – The installation of anti-virus software will help detect threats on your device and block unauthorised users from gaining access. A good software programme will also prevent you from accessing sites that Facebook is trying to redirect you to.
- Register for phishing updates from Facebook’s security page – The Facebook security page will keep you up to date with any news or updates regarding recent phishing attacks.