The Rolling Stones ticket giveaway scam starts with Facebook posts that urge users to visit a website. On this website, victims are asked to share a link. Once this link is clicked by 10 people, they allegedly get free tickets.
Of course, no one gets any tickets because the Facebook messages and the website have nothing to do with the Rolling Stones.
In addition to Rolling Stones concert tickets, scammers are also promising tickets to One Direction’s Where We Are tour. Fraudsters are luring internauts to a fake One Direction website, where they’re told to share a link and get 15 people to click on it in order to win tickets.
The site has different graphics than the bogus Rolling Stones website, but, according to experts from Sophos, the way it’s designed clearly indicates that the same group of scammers is behind this fake giveaway.
The same group is also responsible for a scam in which tickets to the Tomorrowland music festival are being offered.
Users who take the bait ultimately end up on survey websites which help the scammers make affiliate cash, or on some phishing site.
The websites used in this scheme have been registered using different information. One of the domains appears to be registered by someone in Germany. For the other two, registration proxies in Panama and the Bahamas have been utilized to disguise the registrant’s real identity.
“Nevertheless, the relationship between the scams is obvious, because they all seem to be driven by the same templating system; they all work in the same way; and two of them are hosted on the same server,” Sophos’ Paul Ducklin advises in a blog post.
“Fortunately, there’s a simply way to beat them all: don’t try, don’t buy, don’t reply. Scams like this only work if you get involved.”
These aren’t the only schemes Facebook customers should avoid. Last week, Microsoft experts reported coming across emails which informed recipients that their Facebook messages would be deletedin a few days.
“You haven’t been to Facebook for a few days, and a lot happened while you were away,” the emails read.
However, they have nothing to do with Facebook. Clicking on the links contained in the notification takes users to a shady website.