Scammers are pushing multiple fake Facebook profiles of Ellen DeGeneres, popular US TV show host and producer, with the goal of tricking people into jumping through a few money-making hoops. This isn’t a sophisticated scam. It isn’t hacking the Gibson. It won’t be the focus of a cutting edge infosec talk. However, it's certainly doing some damage—up to a point.
This scam is a victim of its own ambition.
What are they doing?The profiles all have one main promotion point, claiming that Ellen has a competition on-the-go, and people entering will be fortunate enough to win all manner of cool prizes. One profile touts pictures of Ellen standing next to a car; in another, she holds aloft a giant VISA card. Many of the fakes push genuine video clips of the TV host talking about charity drives to add a little more credibility to their fakeout.
The scammers somehow managed to make clips of Ellen talking about donation efforts from viewers sound like she’s giving things away. The illusion falls apart with a little bit of thought, but as with most scams, the allure of something for nothing proves too good to resist.
What do potential victims have to do?Some of the pages deviate from the template a little, but for the most part, the thing that gets this scam moving is the below text. It’s your standard plea to overshare the bogus offer to friends, family, and other contacts across the social network:
Click to enlarge
Surprise in the next 24 hours, I will randomly select people on Facebook, everyone who *shares* will receive a gift card, cash, and a big winner can win a car & house "Share now" don't miss! We are watching!!! I will choose 500 lucky people, $5,000,000 each only follows instructions
Step 1- Love it
Step 2- Share
Step 3- Comment on "DONE"
I’ve shared the scam, what next?Good question, potential fake Ellen giveaway victim.
What happens next is you’re directed to the comments section of the various posts floating around. You’ll then see one of half a dozen or so messages, roughly along the same lines:
“Hi all, you must register your name by downloading my movie click here and your name will automatically be registered”
Click to enlargeDownloading…your movie?
Well, this took a weird turn. A few of the links lead to a blogspot page touting “Ellen Degeneres givaways 2019.”
Click to enlarge
"To become a winner, by downloading one movie, you have been registered as a winner"Uh-huh. Weirdly the site also claims to offer up John Wick 3, Hellboy, and Shazam, which don’t feel very Ellen-ish. Speaking of not very Ellen-ish, one of the other sites offers up those other well-known Ellen Degeneres classics: Glass and Escape Room.
Click to enlargeYet another site, which appears to have fallen out of a late 1990's design wormhole, sends you elsewhere when clicking the register button.
Click to enlarge
Where to next?All of these blogs send clickers to the kind of movie sign-up portal we've been seeing online for some time. Suffice to say, we won't go over old ground, but you are absolutely not going to win any Ellen competitions by registering on any of the below sites. At best, you'll end up with a one-off membership fee or a rolling subscription.
That’s quite a scam daisy-chainIt is! It’s such a weirdly specific target, and so poorly thought out. Are the core demographic of Ellen fans really going to start with a cookie-cutter chain letter spam missive on Facebook, get caught up in a maze of confusing “Ellen starred in Batman Returns, you know” blogger pages, before ending up on a variety of utterly unrelated “sign up to watch this movie” portals—and then actually sign up?
Generally, most scams that have a movie sign-up site as a destination are a lot more straightforward than this: one click, BAM. Done. Even when these scams cross into strange realms, such as the fake John Wick ebooks from February, they tend to net out a more simple, and thus easier to ensnare users, process.
This scam has more twists and turns than Ellen popping up unannounced at the end of Usual Suspects. If we had to guess, we'd say "strong opening performance, closely followed by a viewing figures nosedive."
A captive audience?From a cursory glance at stats available for the blogspot websites via the Bitly links, this theory would appear to be borne out. There’s a lot of sharing and commenting apparently taking place on Facebook itself, but in terms of translating to actual movie spam page clickthroughs?
Click to enlargeNot so much. Only one of the three sites have anything approaching a regular flow of traffic, and those are small numbers. The second site has about 1,400 clicks, but that’s spread across two spikes in February and April. The third site has a grand total of 48 clicks at time of writing.
When the daisy chain snapsSomeone had a clever idea here: focus a scam around a celebrity you wouldn’t perhaps think of being the bait, and wrap it across multiple social media profiles. In theory, it could have been a winner for the individuals behind it. However, all inventiveness began and ended with the inclusion of Ellen. In the same way innovative online fakeouts gave way to endless, dreary years of “here’s a survey scam,” those seem to have been replaced by “here’s a movie sign-up scam” instead.
What you tend to see now is the movie sign-up scams jammed into almost every social engineering con trick around. They are—just like Ellen playing Agent Smith in The Matrix—inevitable.
Cancelling the showUltimately, then, this is a good example of a low-level scam gone utterly off the rails. Overloading something like this with needless complexity and multiple steps sounds cool on paper, but what this actually does is help potential victims steer clear. When they get bored, or confused, or drift off, that’s bad news for the scammers, and great news for everyone else.
If you’re behind this, please: Keep up the terrible work.