The new websites we found also seemingly offer 50€ gift cards to the first 5,000 customers who follow the instructions given. This means the users have to share this particular site on Facebook, among other things. Sharing the website entails that many more people reach out to the website and the money is put into the fraudsters’ pockets, generated through the ad integration.
The ad server used in this case is a different one (Sponsorads.de) and the registrar as well as server host country (Denmark) changed as well. The fraudsters ask the users to post a very similar phrase on their wall (“Die große Neueröffnung”, now even with a capital “N”) but this electronic retailer’s shop is online since October already.
The retailer reacted and commented on a customer’s Facebook wall entry to explain that they have nothing to do with this campaign:
What users can do to be protected:
- Use an up-to-date, comprehensive security solution with a virus scanner, firewall, http scan and real-time protection. A spam filter, to get rid of unwanted spam, is a must-have, too.
- Do not click on links or download files if you received a message from a foreigner. The websites and files might harm your PC. Even if the message comes from a friend, but looks different from usual messages, you better ask him and reassure yourself that he willingly sent you this message. The domains used for this kind of scam try to lure users with a combination of key words related to the dominant topic, in this case the electronic goods retailer and free gift cards, to look more credible.
- Do not surf the Internet while you are logged in to services like social networks simultaneously in the same browser. Fraudsters can manipulate your browser session and use your social network account to spread unwanted messages, etc.
- Always log-out after your visit in social networks. Especially if the computer you are using is used by several other people or is a public machine, e.g. in universities, internet cafés, etc.