Symantec has observed a new spam tactic being used in which fake surveys are seeking users' opinions or views on features provided by their social networking site. The sample shown below is one such spam email targeting Facebook:
Various “Subject” lines of this spam are as follows:
Subject: Take our online survey and receive a new gaming unit!
Subject: Take our social networking survey and get a gift card!
Subject: Give your opinion on social networks and choose your prize!
Subject: Receive a hot new MP#3 player for your opinions!
Upon clicking the link provided in the message, the user is redirected to a fake survey page where the user has to answer questions related to features provided by social networking site. Upon completion of survey, the users are promised exciting gifts.
Spammers are trying to demonstrate the legitimacy of the scam by notifying users of a few required terms and conditions, such as:
1) Participants must be a U.S. resident at least 18 years of age or older.
2) Users must register with valid information.
The sample shown below is a screenshot of one such fake survey:
Once the survey is completed, the Web page is redirected and it asks users to enter their personal information in order to receive the gift they have selected. The sample shown below is a screenshot of a bogus/spammy Web page that asks for personal information to claim the gifts:
The important thing to note is that sharing personal information is a threat to privacy and it can be sold to Internet marketers without the knowledge of the user. So, users need to be very careful when sharing personal details in such unsolicited surveys.
Here are some of basic tips for avoiding online scams:
1. Do not click on links from unsolicited emails.
2. Be suspicious of email messages that ask for personal or financial information. Many phishing scams are designed to gain access to financial accounts that can be drained of funds by the scammers
3. Use security software, such as Norton Internet Security, that protects you from malicious activity and online scams.
Note: Thanks to Anand Muralidharan for contributed content.