I was prompted to rush this post out after receiving this Facebook share.

It’s easy to forget caution when viewing shares/likes from friends. The voucher has “British Airways” logos and appears to have a BritishAirways.com link. Googling led me to yesterday’s Sun scam warning with a picture of the same voucher.
Numerous airlines have issued warnings about free ticket/voucher scams using their company name – Social Media scams aren’t new.

Tips to avoid being scammed:


  1. Check the WHOLE link (see next point for Short Links)


    The give away in the above example is the link address:

    BRITISHAIRWAYS.COM-OFFERWIN.COM

    Anything in the link before a “/”, “#” or “?” (or if they don’t appear) is part of the website domain. If the address is prefixed with what looks like another companies (or Gov) domain, then assume it is dishonest and intended to deceive.

    In this case someone has registered the domain "com-offerwin.com" and the link is for a sub-site on this. The scammer can also use this domain to create other sub-sites such as “APPLE.COM–OFFERWIN.COM” for iPhone scams.


  2. Check Short Links in a URL Expander to avoid ending on a page that infects you with malware


    Points to note

    • Safe does NOT mean HONEST (see next tip)
    • The above image shows a redirection by 2 short URLs. There may be a valid reason for this, but I’d treat any pages which involve 3 or more short links with suspicion.

  3. Get your red, orange and green donuts


    Many security packages can add safety flags to your search results (e.g. Avast AV’s green tick, below). However “Safe” is a misnomer, these flags only indicate whether malware has been detected on the site NOT if it is Honest or has a good reputation.

    However you can fill this gap by installing the WOT (Web of Trust) Addon in most major browsers. It “red donuts” bad reputation/scam sites in Google results AND on Facebook. It’s not perfect (more on this further below).

    In the above search it correctly identified the Gov site to go to to renew your EHIC for free. The other 2 sites both charge you for “forwarding on” your data, WOT correctly “red donuted” one of these, but had insufficient feedback to provide any rating for the 3rd link (charging £35).

    WOT also works on Facebook. A site may be red circled because people believe its T&Cs gives the site carte blanche use of your Facebook data.

    WOT relies on community feedback to rate sites. New scam sites won’t be rated until feedback is received. WOT provides an (accuracy) confidence level for its ratings, but its possible for scammers to influence their site’s rating; and political opinion sites are susceptible to down rating by users with differing views. Despite these weaknesses I find it a valuable and useful tool.