Whenever a new website attracts the attention of the general population, it has a way of attracting a few seedy characters as well. I’m talking, of course, about internet con artists, and their tendency to latch onto whatever happens to be popular in order to launch an attack and make a quick buck.
In this case, the site-of-the-moment is Pinterest, the popular social media site that has amassed a user base exceeding 13 million individuals despite legality concerns and reports that the site was covertly adding affiliate links to user submissions.
The new Pinterest phishing scam takes a familiar approach: promising “free gifts” in exchange for little effort and collecting your sensitive information in the process.
A Free Coach Purse? No, Not Really…
The nature of the scam, originally detected by internet security company Trend Micro, is actually very simple. Interspersed among genuine images posted by real Pinterest users, you’ll find images that look like advertisements and implore you to “click now!” for free merchandise or a complimentary gift card at retailers such as Starbucks, Coach and Cheesecake Factory. Of course, the scam is being perpetrated without the retailers’ knowledge, and no free merchandise is to be found.
Once you click the link, your browser will be taken through a series of redirects before it finally lands on a page asking you to take a survey and enter some sensitive information. The scammers have even found a way to make their ads distribute themselves, by asking survey takers to re-pin the image so that others can fall into the same trap.
Avoiding the Scam
Avoiding the scam is easy – don’t click on the ads! So far, there’s no confirmation from Pinterest stating that the offending images have been removed from the site, and it’s possible that scammers have generated other images beyond the ones involving the aforementioned retailers.
For these reasons, you should be careful about clicking on any images in Pinterest that request your personal information, especially when those same images promise a free gift in exchange. If you do decide to click an image of this nature, watch your URL bar carefully to ensure it behaves as expected. An excessive number of redirects, or a redirect that lands you on a page you weren’t expecting, is a red flag for trouble.
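The two red flags above (too many redirects, or a landing page you weren’t expecting) can also be checked mechanically against a recorded redirect chain. The JavaScript below is an added example, not part of the original article; the function names, the three-hop threshold and the `.example` URLs are constructed assumptions.

```javascript
// Added example: all URLs below are constructed sample data.
const MAX_HOPS = 3; // assumed threshold; tune it for your own environment

// Naive "site" key: the last two labels of the hostname.
// Assumption: fine for a demo; real code should use the Public Suffix List
// so that hosts under suffixes such as co.uk are grouped correctly.
function siteOf(url) {
  return new URL(url).hostname.toLowerCase().split('.').slice(-2).join('.');
}

// chain: ordered URLs the browser visited; the first entry is the clicked link.
// expectedSite: the site the image claims to lead to (e.g. the retailer).
function assessRedirectChain(chain, expectedSite, maxHops = MAX_HOPS) {
  if (!Array.isArray(chain) || chain.length === 0) {
    throw new TypeError('chain must be a non-empty array of URLs');
  }
  const flags = [];
  const hops = chain.length - 1; // redirects followed after the first request
  if (hops > maxHops) flags.push('excessive-redirects');

  const sites = chain.map(siteOf);
  const landing = sites[sites.length - 1];
  if (landing !== expectedSite.toLowerCase()) {
    flags.push('unexpected-landing-site');
  }
  return { hops, landing, distinctSites: new Set(sites).size, flags };
}

// Constructed chain: a "free gift" pin bouncing through several hosts.
const suspiciousChain = [
  'https://pinboard.example/pin/123',
  'http://short.example/a1',
  'http://tracker-one.example/r?id=9',
  'http://tracker-two.example/go',
  'http://free-gift-survey.example/start',
];

// Constructed chain: a pin that goes straight to the retailer it names.
const benignChain = [
  'https://pinboard.example/pin/456',
  'https://www.retailer.example/offers',
];

console.log(assessRedirectChain(suspiciousChain, 'retailer.example'));
console.log(assessRedirectChain(benignChain, 'retailer.example'));
```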