Symantec warns of Facebook IPO scam
By Digital News Asia May 23, 2012
- Scam offers ‘soft’ terms to buy FB shares
- Amateurish communications and UPPERCASE headings dead giveaways
SYMANTEC Security Response said it has spotted a 419 scam message offering a "FACEBOOK (IPO) SUBSCRIPTION PARTNERSHIP PROPOSAL.”
The use of an all-uppercase heading is a common hallmark of such 419 scams, Symantec said in a statement.
They are known as 419 scams, taking their name from Section 419 of the Nigerian penal code -- many of thse scams seem to originate form that country.
This scam claims to be sent from a finance firm with offices in multiple locations worldwide. The exact nature of the scam is unclear. The scam mentions loaning money under "soft" or generous terms to buy Facebook shares and then selling them back to the finance firm at a price higher than the original purchase price.
As shown in the screenshot below, a strong indication that it is a scam is the email address which the scammer is soliciting replies to, Symantec said. It is an amateurish-looking address at a common free web-based email provider.
A legitimate company would almost certainly use an email address from its own domain rather than a free web-based address, Symantec noted. The email address and name in the "From" header of the message are also different to the email address and name used in the message body.
Facebook was listed on the Nasdaq exchange on May 18, with an offer price of US$38 a share. The stock went down 11% on its first day of full trading. The listing raised US$16 billion and gave the social networking giant a value of around US$104 billion.
Given the high profile nature of this IPO, Symantec expects scammers to take advantage of it in the same way that they have taken advantage of previous news stories and events.
For more information on the above, please click this link to the Symantec’s Security Response blog post at http://www.symantec.com/connect/blogs/419-scammers-take-advantage-facebook-ipo
Symantec advises Internet users to follow these best practices to avoid falling prey to similar scams:
- Do not click on suspicious links in email messages
- Avoid providing any personal information when answering an email
- Frequently update your security software which protects you from online phishing.