By Cesar Ortiz
Thousands of facebook users are receiving this message on their message post. This message is originated by one or more of their own friends that felt into the trap of the scam and will send them a copy of the message unwillingly. In the scam, users will receive a very, very professional looking post from a friend that claims to offer the certificate in a very professional looking Walgreen’s logo message box that requires users, as the first step in order to get the certificate, to “click Post to Profile” bottom to get the certificate. Please assume that you are the victim for clarity exposure purposes. The moment you click to the blue “Post to Profile” button, you will be sending the scam to all your friends in your facebook account. The scam was reported on the Hoax Slayer Web Site.
In our own tests, in the second step of the scam, in what the criminals call the “last step” you are then asked to “like” the post. You are then presented with a very real looking offer congratulating you and advising that you qualify for “the $50 Walgreens Gift card” and in order to claim the certificate you are asked to enter YOUR E-MAIL ADDRESS and the click the red “CLAIM NOW” button.
The script then changes and now you are required to, as a requirement to get the certificate, to complete a survey and a total of four sponsor offers. Let’s say that up to now, this portion of the scam have been able to get your e-mail so far. But now things gets worse, now the hackers are requiring that you provide your NAME, ADDRESS, PHONE NUMBER and DATE of BIRTH in order to get the Gift Card. Needless to say you will never receive any Walgreen’s $50 dollars Gift Card. The facebook security group is busy blocking the URL’s, but, the scammers are also busy switching to other URL’s (Internet addresses) to avoid blocking.
This is a VERY SERIOUS CRIMINAL hack. Users who fall into this trap are in serious problems and should do the following:
-Remove the post from your profile news feed, if you move the mouse to the right corner of the first line of the message, an “X” will show up, click on that “X” and delete the post, .. But first report to facebbok using the “report option” that shows up, and then, remove the post.
-Notify all your friends that you sent them the post unwillingly and help them remove it from their profile.
-Subscribe to one of the identity theft alert sites.
-Notify your phone provider.
-If in the USA, report the incident to the FBI and other US Agencies as a group by going to: