OFFICIAL SECURITY BLOG
January 2, 2014 | BY Christopher Boyd
What is it? The latest in a run of sites claiming to offer vouchers for well-known brands, this time focusing on ASOS.
Why is it a problem? Submitting personal information to advertising networks the end-user is not familiar with and downloads of potentially unwanted programs.
Who is at risk? Consumers looking for a New Year bargain.
Free voucher scams are a popular way to generate money at the expense of end-users who hand over lots of personal information in return for the promise of freebies – especially at this time of year when finances might be stretched. One such scam was covered over on the Bullguard blog a few weeks ago in the run-up to the X-mas holidays.
I came across a site offering up “free ASOS vouchers” at
As with other sites of a similar nature, they want you to Like the post on Facebook then be whisked away to the vouchers.
Like the site covered on the Bullguard blog, this one has a countdown timer as the vouchers are supposedly being snapped up. However, my voucher site decided to break the laws of time and space somehow because their vouchers went into negative figures.
The HTML code contains the following blog URL:
which will lead the end-user to
I suppose I could point out that the static image underneath the survey popup says “closes 31st August” but seeing as the vouchers remaining already broke time and space let’s take a look at what is on offer:
There’s a Minecraft download (Malwarebytes Anti-Malware detects this as PUP.LiveSoftAction.A, with a VirusTotal score of 4/48), hair product samples in return for handing over your email address, insurance quotes and a media player (Malwarebytes Anti-Malware detects this as PUP.Optional.Verti, with a 19/46 VirusTotal score).
The site has a couple of other “offer” pages on display:
The ASDA page does nothing except redirect to an iLivid installer:
The Bunnings Warehouse page is much the same as the ASOS one, except it had this interesting addition sitting in the HTML code:
That particular page talks about “click jacking the like button” in an altogether too excited fashion:
If you hadn’t already decided to walk away from this one, that might be the final straw. Survey scams will continue to be repackaged for years to come, but please be aware that if you’re looking for a New Year bargain there are a few things you can do to avoid potential pitfalls of a “Who did I just give my personal information to” nature.
1) Check with the shopping chain yourself to see if an offer is valid. If they’re reasonably well known, it’s quite likely they’ll have a Twitter and / or Facebook presence.
2) Be suspicious. Are there elements that jar such as long-gone expiry dates or fake jpegs which appear to show Facebook Likes in their millions?
3) There is no guarantee whatsoever that you’ll be given what you’ve been promised after downloading a program or filling in a survey. Additionally, program downloads via survey sites will usually come with more software you didn’t actually want or need in the first place. Your only choice is to leave the site or take their word for it, and the latter option typically involves a consumer having a bad hair day.
I just checked out the ASOS Facebook page, and sure enough someone is asking them about what appears to be a .net variant. ASOS have confirmed the site is nothing to do with them, and their legal team is “looking into it”. Elsewhere, there are reports on the official ASOS page of another site using the same setup at
which can potentially take end-users to the same survey page seen above located at
You may still be getting back into the swing of things as 2014 slowly grinds into gear, but be mindful that scams and offers that are too good to be true never take a day off.