2012-09-01
Abstract
Having enjoyed exponential growth over the last year, social media site Pinterest has also become a popular target amongst scammers for making money quickly and easily through various scams. Hardik Shah describes some of them.
Copyright © 2012 Virus Bulletin
Pinterest is a social media site which allows users to ‘pin’ images that they like on a virtual pinboard. A ‘board’ is a collection of pins on a given topic – a user can create a board containing photos and/or videos on any topic. Popular topics include design, cooking, weddings, crafts etc.
The graph in Figure 1 illustrates that Pinterest has grown exponentially over the past year.
With its rapid growth, it has become a popular target amongst scammers for making money quickly and easily through various scams. This article will discuss the various scams we have observed on Pinterest.
‘Pinjacking refers to a technique in which users are forced to pin content that they never intended to pin.’
Like other social sites, Pinterest is based around users’ interests. Pinterest allows users to ‘like’ or ‘repin’ any post. It also allows its users to comment on pins and follow the users who posted them. Any pin which attracts people’s interest can become popular amongst Pinterest users and spread virally: the more people that like and repin a piece of content, the more popular it becomes. If a pin contains a URL, clicking on it takes users to that URL.
These features can be misused very easily. Consider a case where a scammer has pinned something and wants to spread it virally. In this case he has the following options:
(1) Ask his friends, relatives and colleagues to repin the content on a courtesy basis.
(2) Use various tactics to force users to repin the content and redirect them to the scammer’s site.
Option (1) here does not make the content virally popular unless it is extremely good or interesting, as people will only willingly repin or like content which is of interest to them.
Consider option (2): if a scammer has some way in which he can force users to repin or like a pin, then it can be spread virally. He only needs to drive initial traffic and then it can spread virally based on the users’ trust. If any of your friends share something on Pinterest that looks interesting, you will also want to see what it is, so you will check it out – and if it asks you to repin it before you can actually see the content, many people will do just that. This leads to viral spreading of the link, as shown in the graphic in Figure 2.
Spammers use such tactics to redirect legitimate users to their sites and make quick money. There are many ways in which a spammer can make money through Pinterest:
Force users to fill out various surveys.
Redirect users to sites such as Amazon that offer a referral fee.
If a user is browsing using a mobile device, calls may be made to premium rate numbers.
We have found a variety of techniques that are being used for Pinterest scams. They are:
Content lockers
Free gift card and giveaway scams
Referral scams
Premium calling numbers.
We will briefly look at each scam type below.
In this technique, when a user visits a particular scam site, he will see a ‘content locked’ message, as shown in Figure 3.
To unlock the content, the user is asked to repin the scam image/URL. Once a user repins the content, the page overlay will be removed, allowing the user to see the actual site. Since the user has repinned the content on his Pinterest account, his friends will be able to see it and, on clicking on the pin, they will be redirected to the scammer’s site, which will show them the same ‘content locked’ message and thus they will also be tricked into repinning the content.
To lock the web page content, a simple JavaScript technique can be used. This basically involves setting the body overflow style to hidden, as shown in Figure 4.
Various div elements are then created and appended to the body, as shown in Figure 5.
The code of these elements is shown below:
The top and left of this div element are set to 0, and its ‘height’ and ‘width’ are set to 100%, so it covers the whole body. Because the body element’s overflow style is hidden, the content underneath cannot be scrolled into view and is effectively hidden; the div is displayed as an overlay instead. The overlay asks users to click on the ‘pinit’ button. Once a user clicks on the ‘pinit’ button, the overlay can be removed, as shown in Figure 6.
The click handler sets a cookie and reloads the document. On load, the page checks whether the cookie is set; if it is, the overlay is not displayed and the user can see the content.
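The four ingredients described above (body overflow hidden, a full-viewport overlay, a ‘pin it’ demand, and a cookie-based unlock) are enough to recognise such pages automatically. The following is an added example, not code from the article or from any scam kit: a heuristic scorer that runs over a page’s HTML and inline script and flags a page showing most of those ingredients. Both sample pages are constructed for this example and the hostnames are placeholders.

```python
"""Heuristic detector for 'content locker' landing pages of the kind described
above. Added example, not code from the article or from any scam kit: it scores
a page's HTML (markup plus inline script) on the four ingredients the article
lists and flags a page that shows most of them. Both sample pages below are
constructed for this example; the hostnames are placeholders.
"""
import re

# Each indicator maps to regexes over the raw HTML; the locker may set these
# things in markup or build them from script, so both spellings are covered.
INDICATORS = {
    # 1. body overflow set to hidden (Figure 4), in CSS, a style attribute or JS
    "body_overflow_hidden": [
        r"<body[^>]*style=[\"'][^\"']*overflow\s*:\s*hidden",
        r"body\.style\.overflow\s*=\s*[\"']hidden[\"']",
        r"body\s*\{[^}]*overflow\s*:\s*hidden",
    ],
    # 2. an element sized and positioned to cover the viewport (Figure 5)
    "full_viewport_overlay": [
        r"width\s*[:=]\s*[\"']?100%",
        r"height\s*[:=]\s*[\"']?100%",
        r"position\s*[:=]\s*[\"']?(?:fixed|absolute)",
    ],
    # 3. the 'pin it' action the overlay demands before revealing anything
    "pin_it_link": [
        r"pinterest\.com/pin/create",
        r"id=[\"']pinit[\"']",
    ],
    # 4. cookie set on click, page reloaded, cookie checked on load (Figure 6)
    "cookie_unlock": [
        r"document\.cookie\s*=",
        r"location\.reload\(|location\.href\s*=",
        r"document\.cookie\.(?:indexOf|match|split|includes)",
    ],
}
# For these indicators every pattern must match; for the others any one will do.
ALL_REQUIRED = {"full_viewport_overlay", "cookie_unlock"}


def score_page(html: str) -> dict:
    """Return {indicator: bool} for each locker ingredient found in the page."""
    found = {}
    for name, patterns in INDICATORS.items():
        hits = [re.search(p, html, re.I | re.S) is not None for p in patterns]
        found[name] = all(hits) if name in ALL_REQUIRED else any(hits)
    return found


def is_content_locker(html: str, threshold: int = 3) -> bool:
    """Flag a page that shows at least `threshold` of the four ingredients."""
    return sum(score_page(html).values()) >= threshold


# Constructed sample: a locker built from script, mirroring Figures 4 to 6.
LOCKER_SAMPLE = """
<html><head><script>
function unlocked() { return document.cookie.indexOf("pinned=1") >= 0; }
window.onload = function () {
  if (unlocked()) return;                       // cookie present: show content
  document.body.style.overflow = "hidden";      // Figure 4
  var d = document.createElement("div");        // Figure 5
  d.style.position = "absolute"; d.style.top = "0"; d.style.left = "0";
  d.style.width = "100%"; d.style.height = "100%";
  d.innerHTML = '<a id="pinit" href="http://pinterest.com/pin/create/button/'
              + '?url=http://locker.example/video">Pin it to unlock</a>';
  document.body.appendChild(d);
  document.getElementById("pinit").onclick = function () {   // Figure 6
    document.cookie = "pinned=1"; location.reload();
  };
};
</script></head><body><p>Shocking video you will not believe!</p></body></html>
"""

# Constructed sample: an ordinary recipe page with a voluntary 'Pin it' link and
# a responsive image; it shares one indicator with the locker but is not one.
BENIGN_SAMPLE = """
<html><head><style>img.hero { width: 100%; position: relative; }</style></head>
<body><img class="hero" src="cake.jpg">
<a href="http://pinterest.com/pin/create/button/?url=http://recipes.example/cake">Pin it</a>
<p>The recipe is readable straight away; nothing is locked.</p></body></html>
"""

if __name__ == "__main__":
    for label, page in (("locker", LOCKER_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, score_page(page), "->", is_content_locker(page))
```

The threshold of three out of four keeps an ordinary page with a legitimate ‘Pin it’ button and a responsive full-width image from being flagged, while a locker that builds its overlay from script still scores on all four. Run over a crawl of landing pages linked from suspicious pins, the scores give a triage list rather than a verdict; the indicators are deliberately loose and should be tuned against pages observed in the wild.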
In this technique, users are redirected to a website with a catchy title such as ‘free gift card’, ‘shocking video’ or ‘you will not believe it’, and when they click on it they are redirected to various surveys. The scammer earns money each time a user finishes a survey. Figure 7 shows a sample post taken from such a Pinterest scam.
The code of the post is shown in Figure 8.
As can be seen, the Pinterest post contains a link in an ‘a href’ tag, so when a user clicks on the link he is redirected to that URL. In this case, the URL appears to offer a variety of gift cards, as shown in Figure 9.
When a user clicks on any of these, he will be redirected to the survey and the scammer will earn money based on the number of users who complete the survey.
In some cases we have also found that such links first redirect users to another web page which asks them to repin the content before moving forward, as seen in the image in Figure 10. Figure 11 shows the code of the ‘pinit’ button seen in Figure 10. Once a user clicks on the pinit button, they will be redirected to the survey site, as shown in Figure 12.
Many sites offer a referral bonus to users for directing visitors to the site and making a sale. This technique is used by scammers to earn quick money without the knowledge of innocent users. They create various posts on Pinterest which have popular product keywords – an example can be seen in Figure 13.
This post has an embedded link inside, as shown in Figure 14.
Once a user clicks on such a post, they will be redirected to the embedded link, which is basically a redirector script, as shown in Figure 15.
The script shown in Figure 15 redirects users to Amazon with the scammer’s product id, and in this way the scammer can earn a referral fee from Amazon.
Premium calling number scams check for the user agent string of the browser, as shown in Figure 17.
If a user is browsing the Pinterest site from a mobile device, then such scams display an image which appears to be of a video player, as shown in Figure 18.
Figure 18. Users browsing the Pinterest site from a mobile device are presented with an image which appears to be of a video player.
When a user clicks on such an image, depending on which country they are based in, they will be redirected to various websites which display porn images and ask the user to click on them.
When the user clicks on them, a phone dialler opens with a premium rate number; if the user makes the call, he incurs hefty phone charges while the scammer earns revenue.
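Both the referral redirector (Figure 15) and the premium-number page (Figures 17 and 18) leave recognisable traces in the page source: a script or meta-refresh redirect whose target carries the affiliate’s id as a query parameter (Amazon’s is ‘tag’), a check of navigator.userAgent, and a tel: link that opens the dialler. The following added example, which is not code from the article, pulls those out of a landing page for an analyst to review. All sample pages, hostnames, ids and the phone number are constructed, and the list of referral parameter names beyond ‘tag’ is an assumption to be extended from observation.

```python
"""Triage helper for scam landing pages. Added example, not code from the
article: given a page's text it extracts where the page sends the visitor
(JavaScript redirects and meta refresh), splits each target into host, path and
query so referral-style parameters stand out, and reports user-agent sniffing
and tel: links, the ingredients of the referral and premium-number scams
described above. All sample pages, hostnames, ids and the phone number are
constructed for this example.
"""
import re
from html import unescape
from urllib.parse import parse_qs, urlsplit

# Ways a redirector page commonly forwards the visitor; group 1 is the target.
REDIRECT_PATTERNS = [
    r"(?:window\.|document\.|top\.)?location(?:\.href)?\s*=\s*[\"']([^\"']+)[\"']",
    r"location\.(?:replace|assign)\(\s*[\"']([^\"']+)[\"']\s*\)",
    r"<meta[^>]*http-equiv=[\"']refresh[\"'][^>]*url=([^\"'>\s]+)",
]
UA_SNIFF_RE = re.compile(r"navigator\.userAgent", re.I)
TEL_RE = re.compile(r"href=[\"']tel:([+\d\-() ]+)[\"']", re.I)
# Query parameter names that affiliate programmes use to carry the referrer's
# id (Amazon's is 'tag'); the rest of the list is an assumption, extend it
# with what you observe.
REFERRAL_PARAMS = {"tag", "ref", "aff", "affid", "affiliate", "partner"}


def extract_redirects(html: str) -> list:
    """Return every redirect target found in script or meta refresh, in order."""
    targets = []
    for pattern in REDIRECT_PATTERNS:
        for m in re.finditer(pattern, html, re.I | re.S):
            targets.append(unescape(m.group(1)))
    return targets


def describe_target(url: str) -> dict:
    """Split a target URL so the destination and any referral id are visible."""
    parts = urlsplit(url)
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {
        "host": parts.hostname,
        "path": parts.path,
        "query": query,
        "referral_params": sorted(k for k in query if k.lower() in REFERRAL_PARAMS),
    }


def triage(html: str) -> dict:
    """Summarise a landing page's redirects, UA sniffing and dialler links."""
    return {
        "redirects": [describe_target(u) for u in extract_redirects(html)],
        "ua_sniffing": bool(UA_SNIFF_RE.search(html)),
        "tel_links": TEL_RE.findall(html),
    }


# Constructed referral redirector (Figure 15 style): a script redirect with a
# meta refresh fallback; the 'tag' value is a placeholder affiliate id.
REFERRAL_SAMPLE = """
<html><head>
<meta http-equiv="refresh" content="5;url=http://survey.example/offer?ref=pinspam">
<script>window.location.href = "http://www.amazon.example/dp/EXAMPLEID?tag=placeholder-20";</script>
</head><body>Redirecting</body></html>
"""

# Constructed premium-number page (Figures 17 and 18 style): only mobile
# visitors get the fake player image, which is wrapped in a tel: link.
PREMIUM_SAMPLE = """
<html><body><script>
if (/Android|iPhone|Symbian/i.test(navigator.userAgent)) {
  document.write('<a href="tel:+1-900-555-0100"><img src="player.png"></a>');
}
</script></body></html>
"""

if __name__ == "__main__":
    for label, page in (("referral", REFERRAL_SAMPLE), ("premium", PREMIUM_SAMPLE)):
        print(label, triage(page))
```

Because the premium-number page only serves the dialler link to mobile browsers, a crawler that fetches landing pages should request each one with both a desktop and a mobile User-Agent string and run the triage on both responses; the ‘ua_sniffing’ flag on its own tells you that the two views are worth comparing.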
Pinterest is a great tool for sharing interesting things like photos, videos etc., but its features are being misused by scammers for black hat SEO to make quick money or for getting traffic to their sites. They have come up with tools which automate this entire task. Such tools make it very easy to post comments, create Pinterest posts or follow other users. This can generate lots of traffic for a scammer’s site.
Many forums on the Internet contain ads offering such tools for sale.
Some of these tools can be seen in Figure 20.
These tools considerably reduce the time taken to set up scams to just a few minutes. With the help of such tools anyone can easily start a Pinterest scam. These tools contain all the needed software, such as content lockers, account creators, comment posters, auto likers, URL generators, etc.
Setting up a new scam does not require much technical knowledge and therefore this is becoming popular amongst those who simply want to make quick money through such scams.
Pinterest is a site which offers users the opportunity to share images and videos, but with its exponential growth, it has also become a powerful tool for scammers to generate traffic and make quick money. This has also increased the amount of spam on Pinterest. Users should be careful while using Pinterest and avoid repinning content which redirects to surveys or websites offering free gift cards, giveaways, viral videos etc. Pinterest works based on users’ interests and trust. Such automated posts on Pinterest do not reflect users’ interests in any way, and should be avoided.