Pinterest continues to draw both users and scammers in search for easy targets.
Trend Micro fraud analyst Paul Pajares has recently delved into the world of Pinterest scams, and has discovered a number of different approaches used to make victims share information about themselves and complete a bucketload of surveys.
Following the shortened links in the text accompanying a variety of pins, the users usually land on fake Pinterest pages. Made to look like the real deal, and sporting URLs that have pinterest carefully woven in them, the pages themselves routinely offer prizes or a chance to win a prize (often a free gift card, or discounts):
In order to enter the “competition”, the users are often asked to share their mobile phone number or email addresses, which will in the future be used to push onto them other scammy offers.
But no matter which approach is used, in the end, the users always end on survey pages.
“Upon closer investigation of these attacks, I noticed that before users are redirected to the fake Pinterest sites, the connection passes through ad-tracking sites,” says Pajares. “This way, the number of visitors are tracked, determining the supposed earnings of the scammers.”
“Based on our data, the fake Pinterest URLs are being visited since May 2. Fake Pinterest posts hosting scams are likely to spread within Pinterest via users who re-pin the posts.”
The site is doing its best to shut down the scammers and remove the offending posts as they appear, but they are not nearly quick enough. With software like Pinterest scam toolkits that can be bought online for relatively small sums, aspiring scammers have it very easy.