The good news is that you wonâ€™t be sent items that you never requested. The bad news? You still pay for them.
A survey scam recently analyzed by Bitdefender follows a well-worn path that is so common it rarely makes a mention in the news. But we find ourselves compelled to cover these types of scams on occasion to remind users that, like landmines left over from an old war, even old scams claim new victims.
In this scam, an online survey asks users three questions about their video watching habits on YouTube in return for an allegedly big chance of winning a Macbook AirÂ®, iPhone 4SÂ®, or a iPad 2Â®.
The survey window pops out of a torrent page to inform the user he has been selected to answer a few questions about online video watching routine. The user may be lured with gifts, online games, or tempting services. Theyâ€™re all advertised as free, yet they never are.
The survey window looks like this:
Â â€œCongratulations! Youâ€™ve been selected from the Iasi region to take part in our annual visitor survey. This will only take 30 seconds of your time and will enhance user experience. Upon completion you will have the opportunity to get a Macbook AirÂ®, iPhone 4SÂ®, or a iPad 2Â®. Start Now!â€
The user is given a link that takes him to a dedicated survey page where he is shown the three questions.
The answers probe the user for personal data such as name, address, telephone number, and phone provider. This sensitive information will most likely be used to overcharge the user with services he never asked for and will never receive.
The crook behind this scam uses ip-to-location to personalize the greeting. If, say, youâ€™re in San Francisco, your message will read: â€œYouâ€™ve been selected from the San Francisco region.â€
The Privacy, Terms and About Us sections are just as lengthy and tedious as their legitimate counterparts. The scammer spends a lot of time filling in that data to gain credibility and, with the reams of fine print, discourage the victim from reading it all.
This scam would not trick a trained eye, but unfortunately a lot of innocent users out there could believe they are having a lucky day, and fill in their private data only to have their number signed up to overcharged services (ringtones, horoscope and so on), or to have their private data stored into a database for later, when the phishing mood kicks in.
This article is based on the technical information provided courtesy of Doina Cosovan, Bitdefender Virus Analyst.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.