A contact of mine just fell victim to a spammer’s email address harvester that hides behind a free iPad scam.

The premise of the scam is this – you get sent an iPad review unit for 2 months, after which you are free to keep it.  All you have to do is sign up and … give them access to one or more of your email address books or social network accounts so they can “invite” your contacts too.

If you do allow the spammers access to your contact list they send an email like this to each of your contacts:

Hello (your contact),

Your contact (your name) invites you to participate in an iPad review program.
Marketing research companies are looking for individuals who are interested in reviewing the new Apple iPad. The testing period lasts one month, after which reviewers can keep the device as a reward.
To see more details or to register to our program, follow the link below:

(link removed)

Thanks,

The Beta Testing Inc Group

By spoofing your email address when they send to your contacts the spammer hopes to avoid suspicion, raise the level of trust, and convert more victims.

The Beta Testing Inc Website

I’ll do my best to avoid any active hyperlinks to the site, but the URL in the invite email I received was betaincgroup.com, which forwarded me to betatestinginc.com.

The website is quite polished looking and gives a good first impression with a slick design that doesn’t immediately scream “scam!” at you like some sites do.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

There is enough content and links on the site to look well established, but what they’re really hoping is that you will see the iPad offer and rush to take it up.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

The Email Address Harvest

The spammer cleverly seeks to harvest email addresses by tricking you into giving them up willingly.  First you’re asked for your email address (they’ve already harvested one of them when your friends invited you, and they’re hoping you’ll perhaps submit a different one in the signup process netting them two active addresses in the process).

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

In step 2 you’re asked to give them access to your email or social networks so that your friends can also be invited.  A long list of webmail providers is available, as well as LinkedIn and Youtube.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

Next you can complete your “registration”.  Its worth pointing out that this step can be done without either step 1 or 2 being actually completed.  They haven’t bothered coding in any logic to require you to complete the first two steps.  And I’ll show you why.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

The “Complete Registration” button points to a .php file on the local domain, which is a redirect to a new website.  The new website is a simple mobile phone continuity scam disguised as a quiz. Whether you completed step 1 and 2 or didn’t, they want iPad-hungry suckers to land on this website and fall for the next scam.  This is the spammer’s second bite of the cherry.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

This iPad giveaway masks your standard mobile phone subscription service scam.  I use the term “scam” quite willingly despite the following terms and conditions (which victims never read, and thats what they’re banking on).

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

“Subscription service: 2 msgs/wk $5/msg + $5 to join”

“This service operates according to the Australian code of conduct for SMS services.”

“Subscription: $5 once off joining fee + $10/wk to download mobile content”

No doubt this redirect is geo-located to send each potential victim to an offer in their own country.

Signs of the Scam

Despite the obvious signs I’ve already demonstrated there are plenty of other signals that should tell people this is all an elaborate scam if they were to look closely.  The website cleverly distracts from most of its written content with imagery and a strong call to action, but on closer inspection the tell tale signs are there.

Exhibit A: They say a phone number is required for the confirmation process, but the signup form doesn’t ask for one.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

Exhibit B: Numerous typos and grammatical errors (above and below).

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

Exhibit C: Efforts to get you spamming as many of your friends as possible.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

Exhibit D: Non-functioning links in the footer.  Amusingly, the Contact link in the footer doesn’t work but the one in the top nav menu does, and offers a standard contact form that is yet another way they can harvest your email address.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

Exhibit E: A non-functioning link to a Twitter profile, and my favourite of all, the “no spam” phone number.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

Who is Behind It?

Naturally the spammers are hiding behind private WHOIS details and domain names registered in the Bahamas.

iPad Scam: Beware of the Beta Testing Inc Spam Address Harvester

The mobile subscription service I was redirected to had a different WHOIS and was registered in Amsterdam.  They seem to be a generic “mobile entertainment” business running out of multiple countries, and not related to the iPad spammer themselves who appears to be an affiliate of the mobile company rather than directly associated.

Whether that service is legal in the countries it operates is irrelevant to me, I still consider it a scam and anyone who signs up to it be a victim.

From the Spammer’s Point of View

This is probably a decent earner for them.  As long as some of the invites slip past spam filters and trick a few people into opening their email contacts the spammer gets:

  • Usernames and passwords to email and social network accounts
  • Valid email addresses for future spam
    • At least 1 and sometimes 2 email addresses from the first victim
    • All of the email addresses that the person has in their email or social network account
  • Some affiliate commissions from the mobile subscription services they are redirecting victims to

And because of the invite system being used, after an initial push the scam could simply go viral and spread itself without any further effort.

Too Good to be True…

The old saying applies here.  Really, 5000 free iPads?  Sounds too good to be true doesn’t it?

Spammers are basically malicious marketers, and like any marketer will seek to exploit trends.  Valentine’s Day, Christmas, new US presidents, natural disasters, and yes even new Apple products.  There are all instant triggers for spam campaigns that try to take advantage of the things that are most relevant to people at the time.

A final note, if you did fall for this scam I strongly recommend you change your passwords now.

About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.

Comments

  1. MarkJ

    Well done to Paul Cunningham to have carried out some really in depth research into this Beta Tester scam, I guess everyone has not, just got to be suspicious of salubrious offers but be highly perceptive as well. I have received the offer myself about 10 times now, but something told me not to trust it.

  2. Lakisha

    Pour EstebanUn article du monde de ce jour 2 septembre sur la &la;foq uragilité de la puissance américaine confirme et complète les chiffres déja donnés.La Nouvelle-Orléans a 67 % de noirs et 30 % de la population de la ville vit en dessous du seuil de pauvreté, ceux-ci sont restés la plupart du temps car ils n’avaient pas de voitures.

  3. Mike

    Thanks for article, very useful for me.

  4. SelenaRivera

    allyson park sent me a text to try out the new ipad 3 and keep it. Isa that one a scam too? the text said “AllysonPark@ ipad3betatest.com / / Apple Beta has Chosen you to help test the new iPad 3 and keep it! Join at http://www. Ipad3betatest.com” thats exactly what it said.The phone number was 3933 they text me at 2:42 am. so could someone notify me to know if it’s a scam or not.Please.

  5. Laurent

    Thanks for taking the time to do this and reminding us that : If it looks too good to be true, it’s because it isn’t ! What could us poor suckers do without you 🙂

  6. Max

    I was directed to a version of this site that was missing “step 2”, the one that asks for the password. Its has “Step 1.
    Submit your contact information” followed straight after by “Step 2. Complete registration”

    I did stupidly input my email address but never did it ask me for a password. Could they have obtained my contact addresses, even without me inputting a password?

  7. Lori Dickerson-Odoms

    Too late for me, I didn’t provide my password, but my entire contact list has been contacted because of my actions. It came from my nephew and I did a quick search on SNOPES, before preceding. Once I realized my error I sent a quick email to everyone warning them. My mom and brother asked if I sent them something a few days ago and today I rec’d a bunch of out of office replies: iPAD Tester request; game tester invitation from some friends and other contacts that are not my contacts, but I didn’t send out anything to them. I had almost forgotten about my stupid mistake because other than receiving a tremendous amount of spam everyday none of my family or friends had contacted me. Is there anything else I can do?

  8. CocoaiPhoneDev

    I registered for this site shown in image and i aktually winned it by using all my networks and sending friends opportunity to win too.

    ———————-

  9. Maire

    THANKS!! I dont fall for anything free, and I dont venture into any links. So i researched it and came to this link. I copied this link and sent it back to the person that invited me and I will call them as well to make sure they have received my email. We will make sure that we can now start our own chain of “Be Aware of this scam” to those who we know, and hopefully they will forwrad the info. I suggest if you havent done so, to please do the same.

  10. Sal

    what can they do to me with my email exposed to them beside contact my contacts which i also did with a warning?

  11. Sal

    i’m really worried about this Beta scam. They got me because the contact that they used to bait me is in communications and i thought was doing me a favor. I changed me email poassword, what other information about me can they gather from their access on my email that i should worry about? What other action sshod I take?

  12. Bill

    Oddly, when I went to the link in the email, it didn’t exist. Then checked snopes; nothing. Thanks for this excellent service you provide.

  13. Don

    The fact that Apple would be Beta testing in May when they just released in January is what caused my alarm bell to go off, then a quick google on the company name led me to this well crafted report.

    Bravo Paul!

    DRG

    1. Walt H.

      Paul: You have posted a very thorough explanation of how this scam works. Thanks so much. You saved me a lot of grief.
      It’s still making its way thru the net; – my invitation just came this week, – and no, Snopes still doesn’t have an entry for it. I’m glad I searched on Google and found you and had my suspicions confirmed.
      How come your most recent comment was May 28, 2010??? … have you been attacked/shut down ???
      Thanx, WH

  14. Meg

    Sorry, wasn’t thinking about code. The subject says…

    “Contact/friend’s name invites you”

  15. Meg

    Thank you for posting this. One part that I thought was tricky was it looks like it comes from someone you know, as well (because in a way, it does). The subject says ” invites you” and the reply-to is the contact/friend’s email address. Doesn’t that look legit! What tipped me off was that it happened to come from a blog I subscribe to that hasn’t updated in 6 months, so I googled the betaincgroup website and came across this article.

    Not only do I now know for certain it was a scam, but I also know I won’t be subscribing to that jerk’s blog anymore. 🙂

  16. Fadi

    This is a scam man so be careful

Leave a Reply