Skip to content ↓ | Skip to navigation ↓

A new scam claiming that major airlines are giving away two free tickets is making the rounds on social media platforms.

The ploy begins when a user stumbles across a post published on social media by another member offering two free airline tickets. In their posts, users around the world have mentioned Emirates, American Airlines, and Air India, to name a few. It’s possible they’ve written about even more airline companies than those which security researchers have already detected. (After all, it’s not the first time an airline-related scam has spread around social networking sites.)

An example of a social-network post with a link to a fraudulent website. (Source: Kaspersky Lab)

But it doesn’t matter which company the posts mention. They’re all fake. As such, they lead to fraudulent websites that vary only by logo, language, and color scheme.

Each fake web page asks the user to fill out three questions. Then the site asks them to help spread the “promotion”. Nadezhda Demidova, a web content analyst at Kaspersky Lab, explains what this process entails:

“After completing the survey, the victim is asked to take two more steps. First, the victim is asked to post the promotional information on his or her page on a social network and thank the airline in the comment. Secondly, the victim has to click the ‘Like’ button. It should be noted that the web page shows what appear to be Facebook comments from users who have already won tickets. An investigation showed that the comments are actually fake.”

The websites then use the geolocation feature to redirect the user to additional pages hosting dubious content like advertisements, surveys, and links to suspicious downloadable files. One of those websites even hosts a browser extension capable of reading all data in a browser, including passwords and credit card data. It’s understood that more than 5,000 users have installed this extension, known as “TV Hero,” at the time of this writing.

The TV Hero data-reading browser extension. (Source: Kaspersky Lab)

To protect against scams such as the one described above, users need to exercise caution around social media promotions. Amazing deals and free giveaways do come along now and then, but they do tend to be fake. As a result, users should be careful about the links on which they click and verify the web domain before they enter personal information. They should also think twice sharing a promotion containing potentially suspicious content on social media.