Thursday, October 27, 2011

Thousands Scammed by Facebook Starbucks App

Guest Blog Post by Brittany Lyons ~ 

For many Facebook users, the offer of free Starbucks gift cards is simply too much to pass up. Recently, many users clicked on just such a link that popped up in their friends' status updates, after those friends had “liked” the page. Instead of taking them to a legitimate corporate website, the users were directed to a fraudulent website, where they gave up their private information in order to receive the non-existent gift cards.

Facebook scams like these are not a new occurrence. In August of 2010, the statuses of users' Facebook pages were flooded with messages letting people know that Justin Bieber was giving away free concert tickets. When users clicked the link, they went to a Facebook application page that asked for the user’s mobile phone number in order to enter a contest to win £50,000 (80,000 USD). The catch is that it was also a premium service that charged £4.50 (7 USD) to the mobile phone bill once a week.

The one thing that Justin Bieber and Starbucks have in common is an extremely large fan base, and thus more potential victims who scammers can target. This is also why scams will often be disguised as popular services like online PhD programs. That large number of potential victims is then multiplied by the number of friends that these fans have, and scams like these get passed along from friend to friend like wildfire. It is possible that thousands of people may have given up their personal information before the Starbucks scam app was removed by Facebook.

This connection between friends is what makes Facebook scams different than the email spam messages of the past. Email spam would just get sent to random people, typically by unknown senders, which made them relatively easy to block, filter or just ignore. Facebook scams, on the other hand, rely on trusted connections between friends in order to spread. Once someone has clicked on the link, the app re-posts that same link on their status, sending it out to all of their connections. Since a Facebook user would not be as suspicious of a message or link from a friend as they would with a random sender, there is a better chance of them opening the scam link or message and passing it on.

To avoid scams like this, it's important to know the posting habits of your friends. For example, if friends are posting links when they normally do not post links, or they are linking to something you don't think they are a fan of, there is a good chance that they have been scammed and didn't even post the link in the first place. Most of these links are actually rogue Facebook apps installed on a user’s Facebook page. If you are ever taken to a Facebook application install page, pay attention to whether or not the application asks for authorization to post on your wall, and think carefully before granting that authorization—your friends will thank you.

Users should also avoid giving out personal information as a rule, especially in the case of promotional offers. Check the security setting on your Facebook profile, so that you are using “secure browsing”--that means there is an “https://” in front of the page URL rather than the “http://” that's more common. Secure browsing has a tendency to block all apps, rather than just the scams, but the extra step it takes to open a link will prompt you to think twice about how secure it is. Finally, users can also keep track of ongoing scams and frauds by checking the Facebook page of Sophos, a company that monitors and reports scams, viruses and frauds that are spread throughout the Internet.

Overall, the best mentality to have when seeing promotions that offer gift cards and other goodies on Facebook is this: if something seems to be too good to be true, then it probably is.

Brittany Lyons aspires to be a psychology professor, but decided to take some time off from grad school to help people learn to navigate the academic lifestyle. She currently lives in Spokane, Washington, where she spends her time reading science fiction and walking her dog.

1 comment:

  1. I think I was one of those victims...this is the website htt:// that was posted in my fb newsfeed saying starbucks is giving away a limited amount of $100 gift cards and now I'm getting these scam e-mails. I unsubscribed from some of them, but they keep coming.