iPad scammers pwn Lady Gaga's Facebook page Fraudsters have hit gold after they managed to successfully plant an iPad-themed scam on the Facebook fan page of Lady Gaga. The page has 45 million fans, so only a minute percentage need to click for scammers to tap into an Xmas-themed windfall. The bogus messages claim the pop-star is running an iPad competition on the back …
omg dats like sooo annoyin i read that like dis garbage comment or summat wid bad inglish with me and my friendz down da yoof club on der free ipadz (lolz just seens a lolcat, my arse is totallyz fallingz zabout you know what i meanz? ya get mez bruv!!!) and omg, omg, omg, anuvva omg for goodz mezzure, i carnt believe me an me posse hadz to readz summat so badly written down on t'Reg it was propa bad bruv. why arent their propaaaaaaa protectionz on el regz ta stop this kinda dopey writing stylee on dis site!!!!!
If it's on an official page, and looks official; you can hardly blame them. I've filled out competition forms for Top Gear stuff that appeared on their official page, myself. Is everyone who enters any competition dim?
Basically, calling people dim for it is rather arrogant, don't you think? And rather ill-informed in not knowing how authentic the link might have seemed.
I keep getting things from companies that do their contest entry forms on Facebook. I just refuse because I don't trust Facebook, or any site that ISN'T the company I'm doing business with. For companies on FB, you have to ask yourself - who cares about your corp identity more? Facebook or YOU? If the answer is YOU, then you need to protect your brand identity, which could mean exiting FB... Just food for thought for the clueless MBA's currently running around.
You've never heard the old adage, "If it looks too good to be true, it almost certainly is!"?
Then again I prefer the others, "One born every minute." and a "A fool and his money are soon parted.". I've been scammed a couple of times in my life but as you get older you do tend to learn to trust any bugger less and less, the first point above means more each passing year!
> Proof (if needed) people really are DIM.
No, they just don't spend as much time trawling the internet as you do, nor do they necessarily have the time to do so.
I know lots of very intelligent people who just don't understand this because *it's not their profession*!! They have to deal with psychiatric patients (I couldn't do what my other half does in this area) or deal with legal matters. They concentrate on their own area and they're very, very good at it. They just don't have the time to sit down and spend lots of time learning all the ins-and-outs that computer people take for granted.
Get over it.
(I dunno why I re-signed up to this site... I'll just get downvoted by the people who don't seem to realise that there is actually a life out there...)
(Ok, I just did it for the handle...)
It might also be an extreme indicator that hardware and software as supplied is letting a lot of people be compromised and arguably not fit for purpose (the h'ware and s'ware not the people I mean)
I mean, if the North Atlantic financial blackhole reasonably expects finance houses to take a 50% haircut for giving out sucker loans then isn't there a similarity of sorts? (h'ware and s'ware not fir for purpose for a huge number of users)
B'sides, freedoms of actions mean people can do silly things no?
I'm not in IT, in fact I'm a lorry driver and so you could put me in the "thick" bracket but the fact it's on blogspot as well, for christ's sake. BTW, I'm quite sure I work longer hours than a lot of you over-paid muppets as well so yes, people are thick and ill-informed. The only thing I regret is mentioning it to them and then having to explain something they'll never get in a thousand years.
@AC 22:28 That's what the status bar is for, to reveal the blogspot destination.
This is no different to an email phish.
@Sweaty Hambeast
'I know lots of very intelligent people who just don't understand this because *it's not their profession*!!'
The tragedy is, you shouldn't need to be a professional to spot a questionable link. Some people are just gullible.
I don't have any experience with psychiatric patients, but I know not to give them knives.
You'd think people would be once bitten twice shy, but noooooo, the people whose machines we clean, we clean regularly. If it were down to me, they'd either have to go on a course or surrender their WAN access.
The problem here is that using a computer is part of almost every profession whether you like it or not. If you are required to use a computer as part of your job you ought to know a little about how to use it safely and you ought to learn how to use it correctly and take it very seriously.
This is not to call people who fall for things idiots or anything like that -- but to state that use of a computer is not part of someone's profession nowadays is stretching it a bit.
Also, as ignorance of the law is no defence so ignorance of computers ought not to be. If I am unsure of the laws regarding, for example, creating a website with borrowed images then I either don't do it or I consult a lawyer, I do not go ahead then blame not being a lawyer if I get into trouble. OK, bad example, but I'm sure most people here nave their own examples where they use caution because they're not sure.
Are going to send me 50 quid as well?
Actually, you don't need intelligence to spot a scam. Use logic if all fails.
Lady Gaga Editon iPad = Huh? Limited edition iPads don't exist? = Click link = Oh no, it's not on Lady Gaga' offical page = click off and not get scammed.
I'd blame Gaga's hyper-hyping machine than the intellgence of her fans (actually, the intelligence of her fans make sense now).
I agree with you to a point, but i think that you oversimplify the problem. Lots of companies host legitmate surveys on sites that are not theirs (surveymonkey springs to mind) so it's not that unlikely that you go to another site for that. People assume that as it is on her page then it is endorsed (to a degree) by her and therefore legit, or at least not illegal.
plus, that assumes that people are paying attention to the address bar in the first place.
And a lady GaGa edition iPad is a believable thing. It may not exist, but it seems reasonable and that is what the scammers are counting on.
After all, Apple have done limited editions before.
(http://www.apple.com/pr/library/2004/10/26Apple-Introduces-the-U2-iPod.html)
True. Surely though, Apple would market the pants off a limited edition Lady Gaga iPad? Not unbelievable, but whoever setup the scam knew they would get a reaction to target the lowest denominator of the general public.
It's the case of being too good to be true. Many people do not follow this golden rule xD.
I'm in agreement. The *average* person can't tell the difference. They aren't in IT, and particularly around security related IT. How are they supposed to tell the difference? Most of the readership of El Reg I suspect can (bright IT folks that we are), but the general public? No, and not because they're stupid (although some undoubtedly are...), their brains either aren't wired that way, or they haven't had enough security training. My wife is smart, but she isn't trained. Now I've tried to train her on this, but she isn't wired that way, and it won't sink in... To her credit, she is security conscious enough that she won't click anything remotely suspicious now, at least not without consulting me on it. Over time she's gotten much better at recognizing things, but it still isn't second nature like it is with me and a lot of us reading the Reg.
Basically, if doing a survey, these companies need to only do it on their domain. To do otherwise ultimately is going to expose them legally at *some* point. Like this Lady Gaga thing. What if those 120,000 start a class action against her (and she in turn sues Facebook) because it was on her page? Sound stupid? Yes it is, but as CToAW mentioned above, it was on her page, and could be deemed an endorsement. So maybe it'll be tomorrow, maybe the next day that this actually blows up on a company (maybe "Gaga Inc." or any number of other businesses out there who have outsourced their brand identity to a 3rd parties and even 4th and 5th parties by proxy...). I don't know, but at some point in the future, this outsourcing of "corporate brand identity" is going to backfire. I can't believe the respective corporate legal departments haven't gotten involved to shut this nonsense down yet. The ones I've come in contact with, don't have much of a sense of humour with corporate identity issues when doing stuff that affects the corp identity is not done on corporate controlled assets... Just saying. :)
*sigh* Facebook has turned into one giant user driven malware engine/hub. Much of the scams use the idiot behind the keyboard as the replication engine. :) Brilliant in execution, but terrifying in the level of effectiveness. Kudos to a worthy foe for that. I only wish FB had equally smart people in security though to counter...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
