Scammers target Justin Bieber fans on Facebook with lure of free tickets, warns Sophos

Sophos Press Release

Users warned they may be signing up to expensive mobile phone service, not getting concert tickets

IT security and data protection firm Sophos is warning Facebook users about the latest viral scam spreading on Facebook. The scam claims to offer free tickets to a Justin Bieber concert with updates appearing on Facebook reading:

"WOW! Justin Bieber Is Giving Away Free Concert Tickets Now"

Justin Bieber free tickets

The link then tricks Bieber fans into giving permission for a rogue application to post updates on their Facebook wall and status claiming that the Facebook user "has just snagged 4 free tickets to see Justin Bieber" with the headline "Justin Bieber Free Concert Ticket Giveaway!" These messages are then shared with all of the user's Facebook friends in order to further spread the link.

Snagged tickets

Status updated with bogus message about Justin Bieber tickets

"This is a dirty rotten trick to make money out of Justin Bieber's young fans. As teeny boppers hunt for free tickets to see their pint-sized idol, they are told to enter their mobile phone number which signs them up for a premium rate service that will cost £4.50 per week," said Graham Cluley, senior technology consultant at Sophos. "Facebook users need to start thinking more carefully about messages like this that are shared by their friends, especially when asked to install an application that can access their Facebook profile. Not only are users signing up to a costly charge on their mobile phone bill, but they are also exposing their personal information and endangering their online friends."

Impacted users should delete references to this scam from their wall, and remove the offending application from Account/Application Settings.

More information about the attack can be found on Graham Cluley's blog.

Users of Facebook are advised to join Sophos's Facebook group, which warns of emerging threats on the site.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.