A contact of mine just fell victim to a spammer’s email address harvester that hides behind a free iPad scam.
The premise of the scam is this – you get sent an iPad review unit for 2 months, after which you are free to keep it. All you have to do is sign up and … give them access to one or more of your email address books or social network accounts so they can “invite” your contacts too.
If you do allow the spammers access to your contact list they send an email like this to each of your contacts:
Hello (your contact),
Your contact (your name) invites you to participate in an iPad review program.
Marketing research companies are looking for individuals who are interested in reviewing the new Apple iPad. The testing period lasts one month, after which reviewers can keep the device as a reward.
To see more details or to register to our program, follow the link below:(link removed)
Thanks,
The Beta Testing Inc Group
By spoofing your email address when they send to your contacts the spammer hopes to avoid suspicion, raise the level of trust, and convert more victims.
The Beta Testing Inc Website
I’ll do my best to avoid any active hyperlinks to the site, but the URL in the invite email I received was betaincgroup.com, which forwarded me to betatestinginc.com.
The website is quite polished looking and gives a good first impression with a slick design that doesn’t immediately scream “scam!” at you like some sites do.
There is enough content and links on the site to look well established, but what they’re really hoping is that you will see the iPad offer and rush to take it up.
The Email Address Harvest
The spammer cleverly seeks to harvest email addresses by tricking you into giving them up willingly. First you’re asked for your email address (they’ve already harvested one of them when your friends invited you, and they’re hoping you’ll perhaps submit a different one in the signup process netting them two active addresses in the process).
In step 2 you’re asked to give them access to your email or social networks so that your friends can also be invited. A long list of webmail providers is available, as well as LinkedIn and Youtube.
Next you can complete your “registration”. Its worth pointing out that this step can be done without either step 1 or 2 being actually completed. They haven’t bothered coding in any logic to require you to complete the first two steps. And I’ll show you why.
The “Complete Registration” button points to a .php file on the local domain, which is a redirect to a new website. The new website is a simple mobile phone continuity scam disguised as a quiz. Whether you completed step 1 and 2 or didn’t, they want iPad-hungry suckers to land on this website and fall for the next scam. This is the spammer’s second bite of the cherry.
This iPad giveaway masks your standard mobile phone subscription service scam. I use the term “scam” quite willingly despite the following terms and conditions (which victims never read, and thats what they’re banking on).
“Subscription service: 2 msgs/wk $5/msg + $5 to join”
“This service operates according to the Australian code of conduct for SMS services.”
“Subscription: $5 once off joining fee + $10/wk to download mobile content”
No doubt this redirect is geo-located to send each potential victim to an offer in their own country.
Signs of the Scam
Despite the obvious signs I’ve already demonstrated there are plenty of other signals that should tell people this is all an elaborate scam if they were to look closely. The website cleverly distracts from most of its written content with imagery and a strong call to action, but on closer inspection the tell tale signs are there.
Exhibit A: They say a phone number is required for the confirmation process, but the signup form doesn’t ask for one.
Exhibit B: Numerous typos and grammatical errors (above and below).
Exhibit C: Efforts to get you spamming as many of your friends as possible.
Exhibit D: Non-functioning links in the footer. Amusingly, the Contact link in the footer doesn’t work but the one in the top nav menu does, and offers a standard contact form that is yet another way they can harvest your email address.
Exhibit E: A non-functioning link to a Twitter profile, and my favourite of all, the “no spam” phone number.
Who is Behind It?
Naturally the spammers are hiding behind private WHOIS details and domain names registered in the Bahamas.
The mobile subscription service I was redirected to had a different WHOIS and was registered in Amsterdam. They seem to be a generic “mobile entertainment” business running out of multiple countries, and not related to the iPad spammer themselves who appears to be an affiliate of the mobile company rather than directly associated.
Whether that service is legal in the countries it operates is irrelevant to me, I still consider it a scam and anyone who signs up to it be a victim.
From the Spammer’s Point of View
This is probably a decent earner for them. As long as some of the invites slip past spam filters and trick a few people into opening their email contacts the spammer gets:
- Usernames and passwords to email and social network accounts
- Valid email addresses for future spam
- At least 1 and sometimes 2 email addresses from the first victim
- All of the email addresses that the person has in their email or social network account
- Some affiliate commissions from the mobile subscription services they are redirecting victims to
And because of the invite system being used, after an initial push the scam could simply go viral and spread itself without any further effort.
Too Good to be True…
The old saying applies here. Really, 5000 free iPads? Sounds too good to be true doesn’t it?
Spammers are basically malicious marketers, and like any marketer will seek to exploit trends. Valentine’s Day, Christmas, new US presidents, natural disasters, and yes even new Apple products. There are all instant triggers for spam campaigns that try to take advantage of the things that are most relevant to people at the time.
A final note, if you did fall for this scam I strongly recommend you change your passwords now.
Well done to Paul Cunningham to have carried out some really in depth research into this Beta Tester scam, I guess everyone has not, just got to be suspicious of salubrious offers but be highly perceptive as well. I have received the offer myself about 10 times now, but something told me not to trust it.
Pour EstebanUn article du monde de ce jour 2 septembre sur la &la;foq uragilité de la puissance américaine confirme et complète les chiffres déja donnés.La Nouvelle-Orléans a 67 % de noirs et 30 % de la population de la ville vit en dessous du seuil de pauvreté, ceux-ci sont restés la plupart du temps car ils n’avaient pas de voitures.
Pingback: Photographe Lyon
Thanks for article, very useful for me.
allyson park sent me a text to try out the new ipad 3 and keep it. Isa that one a scam too? the text said “AllysonPark@ ipad3betatest.com / / Apple Beta has Chosen you to help test the new iPad 3 and keep it! Join at http://www. Ipad3betatest.com” thats exactly what it said.The phone number was 3933 they text me at 2:42 am. so could someone notify me to know if it’s a scam or not.Please.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
I can guarantee you that is a scam.
Thanks for taking the time to do this and reminding us that : If it looks too good to be true, it’s because it isn’t ! What could us poor suckers do without you 🙂
I was directed to a version of this site that was missing “step 2”, the one that asks for the password. Its has “Step 1.
Submit your contact information” followed straight after by “Step 2. Complete registration”
I did stupidly input my email address but never did it ask me for a password. Could they have obtained my contact addresses, even without me inputting a password?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Probably not, but they’ve probably got *your* email address out of it at least.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Lori, unfortunately once the spammers have the email addresses there is really nothing else you can do about it.
Too late for me, I didn’t provide my password, but my entire contact list has been contacted because of my actions. It came from my nephew and I did a quick search on SNOPES, before preceding. Once I realized my error I sent a quick email to everyone warning them. My mom and brother asked if I sent them something a few days ago and today I rec’d a bunch of out of office replies: iPAD Tester request; game tester invitation from some friends and other contacts that are not my contacts, but I didn’t send out anything to them. I had almost forgotten about my stupid mistake because other than receiving a tremendous amount of spam everyday none of my family or friends had contacted me. Is there anything else I can do?
I registered for this site shown in image and i aktually winned it by using all my networks and sending friends opportunity to win too.
———————-
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
No you didn’t.
THANKS!! I dont fall for anything free, and I dont venture into any links. So i researched it and came to this link. I copied this link and sent it back to the person that invited me and I will call them as well to make sure they have received my email. We will make sure that we can now start our own chain of “Be Aware of this scam” to those who we know, and hopefully they will forwrad the info. I suggest if you havent done so, to please do the same.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Sal, if you gave them your username and password to any email or social network accounts you should change those passwords. Besides that there is not much else you can do about it.
what can they do to me with my email exposed to them beside contact my contacts which i also did with a warning?
i’m really worried about this Beta scam. They got me because the contact that they used to bait me is in communications and i thought was doing me a favor. I changed me email poassword, what other information about me can they gather from their access on my email that i should worry about? What other action sshod I take?
Oddly, when I went to the link in the email, it didn’t exist. Then checked snopes; nothing. Thanks for this excellent service you provide.
The fact that Apple would be Beta testing in May when they just released in January is what caused my alarm bell to go off, then a quick google on the company name led me to this well crafted report.
Bravo Paul!
DRG
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
@Fadi – thats kind of the point I was making.
@Meg – yes the spammer is hoping that people will trust messages sent by someone they know. But you have to remember that email addresses can be easily forged/spoofed.
Paul: You have posted a very thorough explanation of how this scam works. Thanks so much. You saved me a lot of grief.
It’s still making its way thru the net; – my invitation just came this week, – and no, Snopes still doesn’t have an entry for it. I’m glad I searched on Google and found you and had my suspicions confirmed.
How come your most recent comment was May 28, 2010??? … have you been attacked/shut down ???
Thanx, WH
Sorry, wasn’t thinking about code. The subject says…
“Contact/friend’s name invites you”
Thank you for posting this. One part that I thought was tricky was it looks like it comes from someone you know, as well (because in a way, it does). The subject says ” invites you” and the reply-to is the contact/friend’s email address. Doesn’t that look legit! What tipped me off was that it happened to come from a blog I subscribe to that hasn’t updated in 6 months, so I googled the betaincgroup website and came across this article.
Not only do I now know for certain it was a scam, but I also know I won’t be subscribing to that jerk’s blog anymore. 🙂
This is a scam man so be careful