iPhone 6 Scam Returns

Posted: January 12, 2015 by Jovi Umawing
Last updated: March 30, 2016

We’re seeing what appears to be a familiar scam on the verge of a comeback.

As you can see, we first encountered the spammed link on LinkedIn, thanks to a user named Kolko Kolko, who according to his profile is a coach and has the face of an A-list celebrity.

Doing a quick online search using the Goog.gl shortened URL brings up other domains—Google Plus, Livejournal, and Picasa, specifically—where the list is also being posted and shared.

Once users click the link, they are directed to a survey scam page. Below is an example:

click to enlarge

The above page is a type of survey that gives users the option to skip. Doing so, however, opens additional layers of survey pages that needs skipping until such a point that users encounter a page they could not escape, such as this:

click to enlarge

Note that the surveys vary depending on the user’s location. Below are the possible pages one may encounter when he/she is located in, say, Australia:

This slideshow requires JavaScript.

Should you encounter any posts from random users on sites you frequent with regard to claiming an iPhone 6, don’t click the link. Instead, warn friends and contacts on that site to avoid falling for it, too.

Jovi Umawing

COMMENTS

Brandon Anderson

Yeah these are tame ones…A few weeks ago we had one that got 12 of my friends. I turn my tagging off but the new ones use comments of you of you Facebook to click it. They take you to a fake Facebook sign in page to gain your credentials. I have to use a virtual machine to check out the links securely to ensure I don’t get hit with XSS or the like. I like to check these links out and find out their payload.
Jovi Umawing

Hello, Brandon 🙂 Thanks for the information!
Shadowfax71957

What happens if you click the link, and then just close the page once all the surveys start popping up? Anything?
Jovi Umawing

Shadowfax71957, as far as my testing went, there was no visible threat once the user closes the window just as the survey page starts to pop up.

Hope this helps! 🙂
Pingback: More iPhone 6 Scams in the Wild | Malwarebytes Unpacked()

RELATED ARTICLES

Cybercrime | Malware

Intentional PE Corruption

April 30, 2012 - Malwarebytes Anti-Malware is under constant attack. 24 hours per day, 7 days per week, 365 days per year. If you read my recent blog post about the development of Malwarebytes Chameleon, you know that we at Malwarebytes have big red ‘X’s on our chests; the bad guys are always out to get us. Malwarebytes Anti-Malware...

CONTINUE READING 14 Comments

Cybercrime | Malware

The Cat-and-Mouse Game: The Story of Malwarebytes Chameleon

April 24, 2012 - The fight against malware is a cat-and-mouse game. It is constant and constantly escalating. They make a move, you counter it, they counter your counter, lather, rinse, repeat. What’s more: malware almost always has the advantage. Our software Malwarebytes Anti-Malware earned a reputation for having a high success rate in combating new in-the-wild malware infections:...

CONTINUE READING 7 Comments

Cybercrime | Hacking

Cybercrime at $12.5 Billion: The Great Underreported Threat

May 7, 2012 - From the outside looking in, it may appear that the press regularly reports stories when a company’s website, database or intellectual property has been hacked, stolen or compromised. The more eye-opening fact of the matter is that the scale and scope of the cybercrime problem is much, much larger and the actual incidences of these...

CONTINUE READING 2 Comments

Cybercrime | Hacking

DDOS, Botnets and Worms…Oh My!

May 14, 2012 - The recent attack on the Serious Organized Crime Agency (SOCA), most likely in response to the 36 data selling sites shut down a few weeks ago, lead to the admission by high ranking SOCA officials that the Ministry of Defense networks need to “beef up their security.” In response to this we would like to...

CONTINUE READING 1 Comment

Cybercrime | Exploits

“The Sky is Falling… Are You at Risk from the Flame Malware?”

June 1, 2012 - The last time I checked with Google News this morning there were over 19,100,000 results for “flame malware”. You may have heard many stories this week about this complex trojan. Here are links to three of my current personal favorite articles on “Flame”. Powerful ‘Flame’ cyberweapon tied to popular Angry Birds game – (Fox News)...

CONTINUE READING 3 Comments

ABOUT THE AUTHOR

Jovi Umawing
Malware Intelligence Analyst

Technical writer, researcher, and marketing fellow fascinated by psychology, architecture, and supercars. A habitual night owl.

CATEGORIES

101 Cybercrime Malwarebytes news PUP Security world

SEARCH LABS

TOP POSTS