Southwest Two free tickets Spam on facebook

Warning: Illegal string offset 'filter' in /home/crypton1/public_html/ on line 1409


Every other day either I am tagged on Facebook with Southwest free tickets or I keep hearing my friends who signed up for this spam.  This has been going on for a while and Facebook has not been able to do anything with their security/fraud team.

This version says something along the lines of “TWO FREE Southwest Airline Tickets” followed by a link to a fraudulent website. It also has the following description, according to Sophos: “SW is currently giving away 2 tickets to any destination within the United States, only to a few select people.”

mobilesecuritythreatresearch, when a user clicks on the link thinking he/she want to get those two free tickets, the user account gets hijacked by tagging a bunch of people and posting the post on Facebook timeline without user consent.  Since the user’s friends are tagged with the username on the certificate its obvious than most people will trust it which is why this spam is still running around around for a while.

When people click on the link for the purported free ticket offer, it allows the schemers to essentially hijack their Facebook account. Their account then posts the offer, appearing in their friends’ Facebook feeds.

At this point I don’t think there is any mitigation techniques because Facebook hasn’t done anything and the click is happening at client level.
Sophos video :

Below is the screenshot.













Sophos lbas has more detailed which is similar to the above one posted last years here

Share Button
Tagged with 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>