A month of giveaway spam on Twitter

Credit to Author: Christopher Boyd | Date: Wed, 19 Sep 2018 15:00:48 +0000

We’ve observed a low-level spam campaign working its way through Twitter, with just under 2,000 posts visible on public search since September 1.

giveaway posts

The posts promote what appears to be CBD oil. For those who don’t know (and I was one of them—still not sure if this oil is supposed to be inhaled or consumed, but anyway), CBD is short for cannabidiol, which is a chemical found in cannabis thought to have pain-relieving properties. It is often distilled into oil that can be used in many different ways for various ailments.

The posts follow one of two formats. The first is a large image splash attached to each Tweet:

Twitter post with image

It says:

Have you entered into the giveaway yet for a bottle of [product name]?

They are giving it away for FREE

Follow these simple steps:
Step 1: RE-TWEET this post!
Step 2: Click the “Link” below to get your FREE [product name] for the last step!

The second post format we’ve seen is just text with a referral link:

Twitter posts, text only

In both cases, the Tweets lead the curious clicker to a site located at

cbdhive(dot)com

This website’s Whois data is listed as Domains By Proxy, and it offers an email sign-up for users to be the “first to know” about…well, no idea. It doesn’t say. I assumed the product was some sort of energy boost tablet, or maybe some kind of juice, and only learned of the medicinal oil connection after several bouts of Googling. All the visitor knows at this point is he has to sign up for something via email.

frontpage of site

Once an email address has been handed over, the visitor will be taken to a second page that claims to offer various bundles depending on how many friends make use of the referral/sign-up links. The options available are sharing it via Facebook, Twitter, and email.

post sign up...

If you refer five friends, you get one month of free supplies. Ten friends, two months. If you can summon 50 friends, then they claim you’ll receive a full year’s supply.

On our sign-up page, we were told “one friends [sic] have joined…keep checking.”

I don’t know who that friend is, because I certainly didn’t invite anyone (much less have them join).

We haven’t seen any evidence of the posts being automated, so it’s likely people are firing them off manually in the hopes of a freebie or 12.

I can’t say we advise jumping on the free stuff bandwagon; it’s never actually certain if the people participating will receive their desired games, ringtones, or other gifts. In this case, there’s also zero information we can see on the site about what the product is, what it does, how you use it, or if it’s even allowed in whatever region you happen to live.

Factoring CBD into the picture further complicates the matter because CBD is only legal in certain regions (globally), and under certain conditions. For example, CBD is legal in all 50 US states if it’s derived from the hemp plant. But if derived from marijuana, it’s legal in only eight US states. If prescribed by a doctor, it’s legal in 46 states. That’s not confusing at all.

Same deal for shipping, come to think of it. Is it targeted to one area only? Is international shipping possible with CBD?

I have no idea, and most likely neither does anyone else firing the links everywhere.

Always be cautious around sets of identical posts promising you free gifts in return for performing specific tasks. Most of the time, you’re doing little more than acting as free brand promotion for someone else’s SEO team taking the day off. I’m all for boosting the brand and increasing the verticals, but that’s taking things a little too far.

The post A month of giveaway spam on Twitter appeared first on Malwarebytes Labs.