As a general rule, anything promising free prizes on the Internet should be ignored. These scams have been around for years and seek to steal information that can be usually leveraged for financial gain (or possibly access to secure networks if a larger hack is being pursued). A recent campaign plaguing social networks, namely Facebook and WhatsApp, however, has been bucking this trend. While initially thought to be a typical phishing campaign surrounding a free Volkswagen contest, it appears that this particular campaign is seeking to gain financially via advertising.
In a post by the cybersecurity team at Sucuri, a fake free Volkswagen giveaway was found to not be quite what researchers thought at first. The campaign was discovered when a team member at Sucuri received a message on WhatsApp in Portuguese. The message directed users to a website that was for a giveaway of 20 Volkswagen cars by the end of the year. When researching the linked page, researchers expected to find typical signs of phishing for data (like forms requesting personal information and the like).
Instead, Sucuri team members uncovered a strange set of circumstances surrounding the Volkswagen giveaway that led them to make another conclusion. The conclusion is as follows:
The main purpose of the site is to request users to resend the campaign link to at least 20 friends on either Facebook Messenger or WhatsApp. Once the campaign has been shared, the scam authors promise to contact you on Facebook… The goal, in this case, seems to be a simple advertisement designed to spread to as many viewers as possible… After clicking one of the page objects, there’s a big chance you will be redirected to a third-party ad server. These redirects are random and lead to a different advertisement every time.
Based on all of this information, and also analyzing the JavaScript of the pages, it was determined that the scammers were trying to gain ad cash via an influx of page traffic. This is a very old strategy that, while not nearly as malicious as malvertising, it is still nefarious as it takes advantage of innocent people to make money. There is also the possibility that personal data, like IP addresses, are logged by the sites used. No matter what, use your head and avoid anything that seems too good to be true.
Featured image: Volkswagen
