Everyone knows the old saying: if it sounds too good to be true, it is. But what many Facebook users may not realize is: if it looks too good to be true, it probably is also.
Facecrooks, a website that monitors Facebook scams, discovered Sunday that cyber-ne’re-do-wells were posing as Southwest Airlines and conning unsuspecting users into downloading their rogue application by promising free plane tickets.
This scam is, in many ways, like the others that have come before it: the malicious link is posted by friends or family (all victims of the hoax), the link leads to a screen where the user is asked to download the app in exchange for access to his or her profile information, the scammers then take over the user’s profile to spread the malicious link further.
However, there are two ways the Southwest scam is different than similar scams from the past.
The first is the malicious link appears to be spread via the comments function, not status updates.
So, instead of spamming the user’s dashboard, he or she might see a seemingly random comment from Aunt Helen under a picture the user posted. If the user thinks Aunt Helen is so excited about this deal, she just had to share it as quickly as possible, even in a picture comment, the user might be more tempted to click on the link.
The second difference is how legitimate the application looks. The scammers appeared to done their homework.
Naked Security, the IT security blog on Sophos.com, posted a step-by-step look at the application downloading process, revealing the first thing unsuspecting victims see after clicking the malicious link is a website that looks very much like the actual Southwest Airlines homepage.
Now that more companies are offering special perks to their Facebook friends, users may have a hard time telling the difference between real and fake, especially when the graphics look so similar.
Using plane tickets to bait potential scam victims is not new. In the past, scammers have posed as JetBlue and Delta Air Lines, offering tempting deals to ensnare their victims.
And as airline ticket prices continue to soar, Graham Cluley of Sophos.com thinks this is a trend that’s here to stay.
“Will we see more of these air ticket-related scams in the future on Facebook? I would bet money on it. After all, everyone dreams of the idea of flying off somewhere without having to pay for the privilege,” said Cluley.
What could be changing, though, is how similar these scam applications look to the real, legitimate sites they’re pretending to be affiliated with. This could make differentiating between real perks offered by companies on Facebook and the scams that much more difficult.
If you fell victim to the Southwest hoax, Cluley offers some help on how to remove the rogue application from your profile and blocking their access to your information.