Survey scammers like to place enticing links in places such as forums, article comments, and social networks. These enticing links lead to surveys that promise items such as gift cards or free electronics, as long as you fill out multiple marketing surveys. Rarely is someone able to complete an entire set of surveys and the promise of a free item is rarely fulfilled, as we’ve discussed in the past with survey scammers spamming social networks.
A new social networking website called Pinterest garnered attention from the media after buzz at an interactive entertainment conference this month. Pinterest allows users to create virtual corkboards, pin content from other external Web pages onto these boards, and then share their boards with others. The new-found attention has not only brought new users, but scammers as well. Recent news articles have discussed how scammers are posting enticing images and links to supposed free offers onto Pinterest boards.
Figure 1. Example scam pins on Pinterest pointing to supposed free gift cards
If an unsuspecting Pinterest user clicks on the link for one of the scam images, he or she is taken to an external website. The website states that, in order to take advantage of the offer, the user must re-pin the offer onto his or her own Pinterest board. This helps propagate the scam, as it now gains further credibility by being posted by a trusted source. Some of the trusted source’s followers subsequently fall for the same scam, then their followers as well, and so on.
Figure 2. A user is asked to pin something to his or her board
After re-pinning the scam, the user is asked to click the second link on the landing page. This link redirects the user to a survey scam page.
Figure 3. The user is redirected to a scam survey or offer page
Most scam pages ask the user to fill in surveys, sign up for subscription services, reveal personal information, or even install unwanted executables. These types of scams are already popular on other social networking websites and Pinterest is only the latest site scammers are leveraging for their attacks.
Some of the Pinterest scams we analyzed led to a cost-per-action (CPA) based network. For each successful conversion, the scammer is expected to make between one and 64 US dollars. We speculate that a scammer might be earning a few hundred dollars each day from these scams.
We are able to determine that, while this is new to Pinterest, the scammers are not new to this game and are behind similar, previously successful scams on other social networks. Furthermore, they are not expert Web programmers, as they required multiple iterations to get their code to work.
For example, the scammers wanted to enforce a check that ensured that the user had re-pinned the scam before being sent to the free offer surveys. However, in the first iteration of the scam, the code did not redirect the user to any external scam survey site. If someone clicked the survey link, the page simply displayed a prompt reminding the user to re-pin the content.
Figure 4. The first iteration of the scam
In the second iteration we can see that the scammer has added a link to a scam survey site; however, there is no check to ensure that the user has finished the first step of re-pinning the content.
Figure 5. The second iteration of the scam
Soon after, we discovered a post on a popular programming forum asking the programming community for help implementing this check.
Figure 6. A post on a programming forum asking for help
In fact, the same code was used in the third iteration of the scam, as shown below.
Figure 7. The third iteration of the scam
The final iteration has some additional changes, including code to dynamically choose the landing page, the marketing message, and the image to be used in the Pinterest pin.
Figure 8. The scammers use randomly selected marketing messages, images, and landing pages
In light of these scams on popular social networking websites, we encourage users to avoid offers that appear too good to be true and not re-pin such content. We also encourage them to review their Pinterest boards and remove pins related to such scam surveys. In addition, Symantec SafeWeb and IPS technologies, available in Symantec antivirus products, will block users from seeing such scam surveys.