HONG KONG - JANUARY 7 : Hong Kong Disneyland's exotic scenery on 7 January 2013 in Hong Kong. It is the first theme park located inside the Hong Kong Disneyland Resort with Chinese culture, customs, and traditions incorporation in designing and building the resort. The theme park's cast members speak in Cantonese, English, and Mandarin. The park consists of six themed areas: Main Street, U.S.A., Fantasyland, Adventureland, Tomorrowland, Grizzly Gulch and Toy Story Land.

Avoid this fake Disney offer spam on Facebook

Disney scams tend to come and go, and we’ve noticed a few rattling around recently – with the Disneyland Diamond Celebration and free Disney cruises being used as leverage to entice clicks and sharing.

Here’s a few fake cruise pages from the 7th and 8th September, offering the chance to win a $5,000 giveaway cruise for US residents.

Fake Disney Cruise page

The posts generally read as follows:

Are you a US citizen? Then simply Share this post then click the “Signup” button on our page and you have the chance of winning a Disney Cruise for up to 5 people with a $5,000 giveaway. Limited time only, Like our page for announcements. Good luck.

Here’s how many shares and likes the pages we saw have:

14,330 shares, 3,313 Likes

40,223 shares, 6,665 Likes

643 shares, 496 Likes

23,531 shares, 3,264 Likes

That’s between just four pages. No doubt there are more floating around out there with people all too eager to sign up.

None of the pages we saw actually contained links, which is unusual – many of the people liking the pages and leaving comments were actually a bit confused as to what they were supposed to do next.

The most likely explanation is a sustained bout of Like Farming, where scam pages attempt to artificially inflate their Like tally to gain increased visibility. Eventually they hit whatever they consider to be their Like Farm critical mass and switch out the content they were originally offering to something else entirely. It could be apps, executables, surveys, anything they want to push once they have enough eyeballs.

Here’s an example of how one of the pages experienced a Like Bump:

Like Bump

Many of the supposed Disney Cruise pages have been taken down by Facebook, but the survivors are easy enough to dig out with a quick bit of Googling. At time of writing, the pages aren’t offering anything up so either whoever is behind it has moved on or they’re still waiting for Peak Eyeball.

While looking into the cruise pages, we also saw what one assumes is a final attempt to make a bit of profit from the Disneyland Diamond Celebrations. They’re still ongoing, but likely to end at some point in the near future so there is an incentive there to squeeze something out of it before it’s all over.

The Facebook posts made to individual accounts take the form of a “Let’s go Disneyland” message with a cut out and keep coupon for 2 free tickets to Disneyland.

Disney coupons?

Hopefully people printed them out instead of carving up their TFT with a pair of scissors but stranger things have happened. The message reads as follows:

Get 2 free Disneyland Theme Park Ticket (Limited Coupons)

Claim your free tickeys of Disneyland theme park now

DISNEYLAND4U(dot)XYZ

Ticket time!

The page looks similar to what you’d typically see from a survey offer, complete with rapidly ticking countdown timer and a “Share on Facebook” button. In this case, you’re supposed to “Click send then select 10 groups”. It seems Facebook doesn’t want you messing around with these pages:

Warning

The website directing you here was not a Facebook page. If you entered your Facebook login information on the previous site, you will need to reset your password

With the share functionality disabled, we can’t complete the next steps but it seems likely anybody using the page would have ended up with surveys to fill in. Whether we’re talking cruises, free entry, Disneyland vouchers or anything else for that matter, always double check the authenticity of supposed offers.

This is especially crucial on Social Media, where people can often post whatever they want and get away with it (for a little while, at least). If the site in question has verification, check for a sign of authenticity from the profile doing the posting.

If it looks too good to be true, and all that…

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.