Yesterday, I was browsing through Facebook. I never really look at the ads on the right hand side of the page. Or rather, I should say that I never click on them. However, yesterday, my curiosity was piqued. There was an ad that I had already qualified for a free (free!) $1000 gift card from Best Buy because I was a male of a certain age. I was intrigued. Being in the antimalware space and as someone who has fought spam for years, trying to combat these annoying gift cards that plague user inboxes, I decided to click on the link. Maybe these types of ads were a way to circumvent spam filters. Perhaps social networking is the next big thing for spammers targeting users. Well, perhaps not the next big thing since they are already doing it.
I clicked on the link, and here’s where I was taken to:
“Yep,” I said, “that explains it. All I have to do is enter in my email address, be bombarded by tons of offers every day for the next 50 years, have my address sold to plenty of other folks and there we go – a free $1000 gift card!” As Milton Friedman said, there’s no such thing as a free lunch. Still, I decided to read the official gift offer rules. How much was this free gift card going to cost me?
Here are the terms and conditions:
After reading through all of this, I can see that it’s not going to be worth my time and effort to go through all of these steps. I mean really, 13 sponsor offers? And I have to buy stuff? I’ll bet it will end up costing me a lot more than $1000 to extend my credit.
Although Milton Friedman did say TANSTAAFL he did not coin this phrase. See William Safire's article http://www.nytimes.com/1993/02/14/magazine/on-language-words-out-in-the-cold.html
I'd sure be interested in seeing the payload landing page(s) for whomever made you this offer. You have my email address Terry.
All roads of offers for stuff from legit companies tend to run in one direction, towards a single source massive net abuser, located in the lower 48
The Coalition Against Unsolicited Commercial Email
I love best buy gift cards !!!
Kind of ironic, reading this.
I got to this page/post because a friend of mine on FB sent out invites to a FB page for this scam last night (and of course this AM said "Huh? What're you talking about?") so I did a FB search for "Best Buy $1000" and an external result was this page.
I said 'ironic' because several months ago, I installed Windows 7 on my MacBook Pro in a Boot Camp partition. I thought I should see what it is like to "live with Windows 7" so I booted into it and ran it for a week. I set up what I thought were reasonable defaults - I'm a Mac/Solaris/Linux guy, so somewhat of a Windows n00b - including Windows Firewall and set up Symantec and did (clean) scans, etc.
At some point I realized I needed to check mail from home, so I made the mistake of installing Thunderbird and using it. Near the end of my Windows week I suddenly started noticing something odd:
I run my own mail server, so I can create unlimited aliases that point to my account. Whenever I sign up on a Web page forum, etc., I create a new alias just for that site. I never use the alias for any other site.
Near the end of the week, all of a sudden I started seeing SPAM delivery attempts to some of these aliases. They were new ones that I'd never seen attempts on before. All in all, about 7 or 8 of my aliases had somehow escaped into the 'wild". Shortly thereafter, I started getting inundated with SPAM delivery attempts (to those aliases and others). At one point I was up to over 3,000 a day. (They've since tapered off, but I still get regular attempts.)
Luckily, because I run my own mail server, I was able to set a strict setting (i.e. check the supplied HELO host name/address for legitimacy) on and that stopped 95% of it at the front door, before it ever got to my maildrop. But still.
The bottom line here is that somehow, someway, despite using 'reasonable' defaults on my Windows 7 setup, something managed to break in to my machine and grab my Thunderbird Address Book and leak it out to the SPAM world. I shut down Windows and rebooted back into Mac OS X, and have never run Windows 7 since.
The ironic thing, then, is that it seems to me that the most important way to prevent SPAM is to keep them from breaking into Windows in the first place so they can steal your Address Book. Maybe you Microsoft guys should concentrate on that more.
i only had to do 2 surveys before i got my award and the 24/7 network couldn't process my order at that moment, have i gone too far
I Have recive a text message that i have 1,000 pending from best buy they just need a shipping address it is 12216 Sedona Road Apple Valley,CA.
thank you for sharing your experience.
I'm so glad you posted this, I received a text message via cell phone about the very same offer, you would think we could get some sort of law suit for unsolicited spam or cost of messaging.
Thanks for sharing that you looked into this and found out the details. Saved me a lot of time.
Have a great new year.
Thanks for doing all the leg work. I almost got worked by this myself...
I get tons of tailored adds all over FB these days (most of them pertain to my favorite Microsoft Porducts, but still I resist clicking them),
Text message was from a cell phone, Do I need to say more.
You should try to talk to your carrier and get that charge taken down on account of it being a spam message.
I WILL NOT BUY FROM BEST BUY AGAIN, IF THIS IS HOW THEY HANDLE PRIVICY ISSUES!!!
Got the same text on my cell phone and immediately knew something was wrong bc due to an error in best buys database they don't hav my actual cell number (though I've had it for 10 years they have it listed under some1 else's name and won't change it). So, betst buy doesn't actual have my cell. This isn't from best buy....