A new Facebook scam is doing the rounds (no news there) offering the giveaway of 75 Macbook Pro’s. I usually ignore these kind of things but this one intrigued me. Heres a run down of how it works….
The malicious party has set up a Facebook page in the name of Apple and uses a nice and convincing uber high-res Apple logo as the profile picture. Now, not many people on my friends list would see that as a red flag..
Here is a screenshot of the original post, looks pretty convincing..
The scammer is using the Offers feature built into Facebook. This feature is usually used by legitimate businesses that use Facebook to offer vouchers and offers to customers. The offer button was originally labelled “Claim Offer” but I needed to click it to carry out the analysis.
Upon clicking the link you will be sent an official email from Facebook. There is nothing untoward with the email from Facebook, unless you look closely…
The link shown next to the offer offline heading leads to:
This is essentially using a redirect feature in Facebook (used for analytics and tracking) to fool the user into thinking this is a legitimate Facebook page. See where I highlighted the bold text? That’s the site you are being redirected to! Most users are susceptible to this kind of social engineering, but not analysts 😉
Running the site claim[d]macbookpro[d]gerkaf.com through various online sandboxes and repetitional databases indicate the domain is used a lot for malicious purposes. Upon hitting the site above, you are asked to share the post on Facebook and press the ever familiar “Like” button, but this is no ordinary like button.. this one runs opens claim[d]macbookpro[d]gerkaf[d]com/jv.php.
Upon clicking the like button you are sent to yet another scam site.. nnfl[d]net/macbookgiveaway/lan.php. This page is the snare of the operation, asking you to register for another offer to claim you absolutely free Macbook Pro..
I could go on all night about this and I am known for venturing down the rabbit hole when I get started. While this scam does not differ from thousands of others like it, I was intrigued by the use of genuine Facebook features to snare and entice the average user into falling for the trap.