Some Competitions Are Not Worth Winning
Some Competitions Are Not Worth Winning
AVG (AU/NZ) warns of ‘Cost per Action’ cyber fraud
AUCKLAND 10 April 2012 – AVG (AU/NZ) Pty Ltd, the distributor of the award-winning AVG Internet and mobile security software in New Zealand, Australia and South Pacific, alerts Internet shoppers to be on the lookout for scams infiltrating online competitions.
Michael McKinnon, Security Advisor at AVG (AU/NZ) Pty Ltd, said: “Cyber criminals have created highly lucrative illicit revenue streams by using legitimate advertising networks and fraudulently altering promotional collateral, including competition entry forms – often from large and otherwise trusted brand names.”
The method that makes this type of fraud possible is a commercial Internet marketing arrangement known as “Cost per Action” (CPA) sometimes also called “Cost per Acquisition”, which pays an advertiser for each action they can get someone to complete. These actions can be as simple as capturing an email address from a competition entry, or as complex as an online marketing survey that takes 15 minutes to complete.
Online fraudsters sign up to an advertising network - usually with false details, but just enough to collect a payment. They then copy and digitally alter promotional and competition offers to make them seem much more enticing – such as changing a $100 prize to a $10,000 prize. This produces better response rates to the legitimate offer and hence opens more people to the scam.
Falling for a CPA scam is at its most innocuous a time waster but according to McKinnon there are more serious ramifications:
There
is the risk of divulging potentially personal information in
surveys and other forms that may act as a springboard for
either identity fraud if the data ends up in the wrong hands
and costing money, or much more time being wasted through
dealing with further contact from telemarketers and other
companies making direct contact with all manner of
offers.
A blended threat may occur by innocently
providing your mobile phone number in an online survey and
then receiving an SMS offer which contains a malicious link
to a rogue mobile application which in turn starts sending
premium SMSs that are charged to your monthly bill without
you noticing, and again putting money in the pockets of the
scammers.
McKinnon says: “The saddest part is that people who are vulnerable - to the extent that they fall for the initial survey and competition scams - are often very easy targets for further attack, and cybercriminals like to exploit this to their advantage by extending their reach with each victim.”
AVG (AU/NZ)’s clues as to what to look for and how to avoid trouble:
One of the most
obvious tell-tale signs can be mismatched buttons or images.
For example, sometimes an ‘action’ button is a slightly
different colour from the rest of the page, and a different
size and alignment. These ‘amateurish’ adjustments are
clues which you should scan carefully for.
Being
directed to multiple offers or surveys in quick succession
is a sign that you’re being led down ‘scammer’s
lane’. It is common for cyber crooks to chain lures
together to encourage you to fill out several entries –
remember for each one you complete, they receive a
fraudulent payment.
The URL in your browser address
bar can provide some idea of the legitimacy of the offer or
survey form. The most obvious sign is an IP Address
http://n.n.n.n/ - (where n is a number) instead of a domain
name.
Many of these types of fraudulent offers and
promotions are presented in conjunction with other viral
campaigns. For example, if you try to click on a video and
then you get a popup asking you to enter the competition or
complete a survey first, this signals you are being scammed
into providing the ‘action’ that is going to put money
in the scammer’s pocket and waste your time.
For safe, fun online exploration McKinnon advises that: “Vigilance and calm are the key words here. Take your time, read and look carefully and don’t click before you think.”
For the series of informative security tips, how-to and fact sheets see:
www.avg.co.nz/resources/security-tips/. For video tips from AVG (AU/NZ), see: www.youtube.com/user/avgaunz
Keep in touch with AVG (AU/NZ)
For breaking news, follow AVG
(AU/NZ) on Twitter at twitter.com/avgaunz
Join our
Facebook community at www.facebook.com/avgaunz
For
security trends, analysis, follow the AVG (AU/NZ) blog at
resources.avg.co.nz
### ENDS ###