This weekend one of my favorite bands won free concert tickets on Twitter. They tweeted about the message they received from another Twitter user.
Figure 1. Sarcastic tweet about free concert tickets
This type of scam looked familiar from a security standpoint. Upon further investigation, we at Symantec Security Response confirmed these suspicions.
Figure 2. Spam account replies to specific tweet
I wrote a blog about free stuff on social networks and how it was not free about a year ago. These fake accounts were offering free devices and free gift cards to users tweeting specific keywords. In this case, the band wrote about their albums of the year (AOTY) picks, which mentioned Kanye West in the tweet. His name was used as a keyword that a random fake account was monitoring, which led to a reply offering free concert tickets. If a Twitter user tweets the name of an artist (e.g., Kanye, J. Cole, Jay-Z, Beyoncé), they are likely to receive one of these tweets.
106 & Park is a music video countdown show that airs weekdays on BET (Black Entertainment Television). The show has an official Twitter account that has over 5 million followers and over 13,000 tweets. The fake Twitter accounts are using the official logo and background image to try to convince users that they are legitimate. However, these fake Twitter accounts typically have no followers and only a couple of tweets, making it obvious that this is a scam.
Figure 3. Official 106 & Park Twitter account
Figure 4. Fake 106 & Park Twitter account
One thing to note here is that unlike before, these scam accounts are not providing a direct link to users in their reply. Instead, they are asking users to visit their profile page in order to click on a link in their profile bio.
Users that click on this link will be directed to a page that contains more BET branding, featuring images of some of today’s most well-known artists.
Figure 5. Free ticket scam landing page
Clicking on the “CLAIM MY VIP TICKETS” button on a computer leads users to a page that requests personal information from the user. However, it does not appear that this information is captured by the scammers. Rather, this is for cosmetic purposes, to make it appear as though this free ticket offer is legitimate.
Figure 6. V.I.P. Giveaway page requests personal information
If users visit the same page from a mobile phone, they are asked to install one out of a choice of several applications instead. This is one way to make money from a scam like this, through affiliate programs, and scammers have just recently started using these mobile affiliate programs. One of the most recent examples targeted users of Twitter’s video sharing service, Vine.
Figure 7. Mobile affiliate program for app installation
Figure 8. Fake page offering free tickets to One Direction and Justin Bieber concerts
Similar scam tweets
In recent months, fans tweeting about pop stars One Direction, Justin Bieber, and Rihanna or their respective tours received the same type of scam tweets. In these cases, the landing pages for the scams asked them to fill out surveys, another common method scammers use to monetize these campaigns.
Figure 9. Fake page offering free tickets to Rihanna’s Diamonds tour
Right now, there are hundreds of fake accounts on Twitter spreading these types of scams. The most prominent one is the concert ticket scam. However, we are also seeing this exact type of scam with other lures, including:
- Free exercise equipment for users tweeting about the gym or working out
- Entry in a prize sweepstakes for $5,000 for users tweeting about being bored
- Access to an exclusive jobs database for users tweeting about work or jobs
If you’re a Twitter user and you receive a message claiming that you’re the winner of one of these prizes, you should immediately question it, be wary about clicking on any links, and report these fake accounts to Twitter.
When it comes to being a modern fan, if you’re offered free concert tickets, be very skeptical. Check the official social media accounts for the brands or artists to verify and if you’re still not sure, recognize that it is likely a scam.