Survey Scams Aimed at Social Networking Netizens

Written by: Oscar Celestino Angelo Abendan ll

Social networking is a tool to connect with friends and family. But for cybercriminals, sites like Facebook and Twitter are emerging platforms to target users. Scams continuously lure users to ad tracking sites and survey pages to earn profit and steal data. One survey scam we found takes advantage of Stop Online Piracy Act (SOPA). Scammers have also set their eyes on Pinterest users and "repinned" URLs that eventually led to more survey scams.

This FAQ provides users with necessary information on how to better protect them from this ruse.

How do users encounter this threat?

Survey scams are typically found on social networking sites like Facebook. They come in the form of wall posts with a link. They use clever social engineering techniques like mentioning popular news items about celebrities, or political issues. Another popular hook is mentioning a contest or prize giveaway. By hooking survey scams with effective social engineering lures, users are likely to click the links or follow the instructions included in the posts.

Some of the bait we've seen so far include free tickets to Breaking Dawn Part 2, iPad 3 giveaways, a Facebook Valentine Theme, news of Whitney Houston's demise, and Lady Gaga's supposed death.

As previously mentioned, scammers have also targeted Pinterest. Instead of wall posts, "repins" show promos or prizes from well-known brands, along with a website where users can supposedly avail of them.

How does this threat work?

Users are first lead to survey scams through posts on social networking sites These posts use social engineering to trick users into clicking the links in these posts. Users are then led to several redirections.

Users are directed to rogue Facebook apps or pages embedded with the malicious URLs. The said Facebook app page may oftentimes be the malicious site itself:



Next, users are redirected unknowingly to ad-tracking sites. These sites track the number of web page visits, which serves as additional revenue for cybercriminals:


Users see the scam site which typically offers the said promotion or gift to users. You may find a countdown timer in these sites, urging users to click the buttons and join the fake contest or promo. In certain instances, users may also encounter the error prompt "This offer is not available in your country", which indicates that scammers behind this threat are targeting specific countries.

Through a site redirector like click.jve.net, users are then redirected to the survey scam pages, which are typically hosted by enterfactory.com.

Upon survey completion, users are required to provide his/her mobile number. Once done, users will receive a PIN code in his/her mobile. Entering this "PIN code" supposedly reveals the answers to the survey.







In certain scams, such as in the free tickets to Breaking Dawn Part 2 scam, users are required to share the page with their contacts. By doing this, users inadvertently spread these scam pages.


How does a survey scam work in Pinterest?

A Pinterest survey scam works just like what was mentioned above. We noticed two incidents that lead users to survey pages which pose several questions.

The first incident we came across involved "repinned" images by Pinterest users that promote fake promos for Starbucks and luxury brand Coach. To avail of these "promos", users must visit the website indicated in these "repins". Upon visiting these sites, the web page gives instructions to users to repin the images. The last step urges users to click a link that ultimately leads to the survey scam pages. The latest Pinterest scam involves repins that contain links with the keywords "pinterest" coupled with shortened URLs.


What do the scammers get from these surveys?

Profit is the main driver of this threat. Cybercriminals behind these scams earn money by driving users to ad-tracking sites or affiliate sites before actually proceeding to the survey. Cybercriminals set up the survey scam pages for the sole purpose of theft as they may use the gathered information for their future schemes. For example, cybercriminals may distribute spammed messages to the email addresses that they obtained from the survey scams. The messages may contain malicious file attachments or data-stealing malware.

Scammers can also profit by tricking victims into registering for bogus premium SMS services. This is why they ask users to give out their mobile phone numbers.


How does this threat affect me?

Users who fall victim to survey scams are at risk of having their information stolen. These survey pages are known to ask for personal and sensitive information, which cybercriminals may use in their future malicious activities.

Since these scams also require users to disclose their email addresses, scammers may use these for spamming. You can expect a lot of spam in your email if you fall victim to survey scams.

Furthermore, once users follow the instruction to share or "repin" the malicious post, it automatically spreads to their contacts.

How do we distinguish survey scams from legitimate ones?

Not all survey pages are scams. For its intended purpose, surveys are effective tools in voicing out user opinions about specific products and services. Feedback helps improve products and services by knowing consumer needs.

To help you determine real surveys from survey scams, below are some signs you need to watch out for:

  • You can tell it's a scam if the site only asks you for your complete name and email address. Most surveys list both information as optional and would explicitly say why information is needed from you.
  • Survey pages that do not provide details about the company that initiated the survey are usually scams. Legitimate research companies indicate information related to their business, like a company overview, address, history, and logo.
  • Surveys that don't display their privacy policy and how they will use the gathered information are usually scams.

It's a scam if the site promises a huge amount of money or prize in exchange for completing the survey. Market research companies typically persuade users to answer surveys by putting a prime on user satisfaction and suggestions on how to improve products and services. Some give out gifts like gift cards or tokens, but never exorbitant amounts.


How can I protect myself from this threat?

Users must always double-check posts even if they were supposedly sent from a friend. Do some research and check the credibility of a post before clicking the link or following its instruction. Your best defense is caution.

Posts that promise unbelievable prizes should be taken with a grain of salt. If they are too good to be true, they probably are. Bookmarking credible news websites and pages is also a good way of getting the latest news. As social engineering is a key component in this threat’s success, you may read more about how it operates via How Social Engineering Works.

Also, always remember how legitimate surveys are different from scams. In case that users already clicked the link and are now on the survey page, keeping these in mind can at least prevent users from actually giving out sensitive and personal information.

To know more on how to be a better social networking user, you may refer to our digital life e-guide A Guide to Social Media Threats.


Are Trend Micro users protected from this threat?


Yes. Trend Micro protects users from this threat via Trend Micro™ Smart Protection Network™. Web reputation services blocks access to these survey pages. With the Trend Micro and Facebook partnership, users can now expect a more efficient and effective protection against threats that target Facebook users.


FROM THE FIELD: EXPERT INSIGHTS


"Inform your contacts that this contest, tempting as it may sound, is actually just another attempt by cybercriminals to steal personal information."- Christopher Talampas, fraud analyst

"The key to a successful attack is the number of clicks generated by these scams. They are very keen to entice users by providing what is currently "in" or popular among users."- Paul Pajares, fraud analyst