Scammers target Justin Bieber fans on Facebook with lure of free tickets, warns Sophos

August 19, 2010 Sophos Press Release

IT security and data protection firm Sophos is warning Facebook users about the latest viral scam spreading on Facebook. The scam claims to offer free tickets to a Justin Bieber concert with updates appearing on Facebook reading:

"WOW! Justin Bieber Is Giving Away Free Concert Tickets Now"

Justin Bieber free tickets

The link then tricks Bieber fans into giving permission for a rogue application to post updates on their Facebook wall and status claiming that the Facebook user "has just snagged 4 free tickets to see Justin Bieber" with the headline "Justin Bieber Free Concert Ticket Giveaway!" These messages are then shared with all of the user's Facebook friends in order to further spread the link.

Snagged tickets

Status updated with bogus message about Justin Bieber tickets

"This is a dirty rotten trick to make money out of Justin Bieber's young fans. As teeny boppers hunt for free tickets to see their pint-sized idol, they are told to enter their mobile phone number which signs them up for a premium rate service that will cost £4.50 per week," said Graham Cluley, senior technology consultant at Sophos. "Facebook users need to start thinking more carefully about messages like this that are shared by their friends, especially when asked to install an application that can access their Facebook profile. Not only are users signing up to a costly charge on their mobile phone bill, but they are also exposing their personal information and endangering their online friends."

Impacted users should delete references to this scam from their wall, and remove the offending application from Account/Application Settings.

More information about the attack can be found on Graham Cluley's blog.

Users of Facebook are advised to join Sophos's Facebook group, which warns of emerging threats on the site.