"Adidas is offering 2,500 pairs of shoes to celebrate its 69th anniversary" is how the ad reads, but when it sounds too good to be true, it usually is. This phishing scam, which is currently active and targeting mobile users in the United States, Norway, the Netherlands, Nigeria and Sweden, amongst others, with experts predicting attacks on the UK and Ireland to be forthcoming.
The attack itself is simple and straight-forward enough: Once the linked is clicked, the website runs a few checks to make sure the request originated from a mobile device. Once confirmed, the website collects geolocation data for the visitor's IP address. The visitor is then redirected (where to depends on the country of origin), where he or she will complete a four-question survey, and despite the answers, is told they are "qualified" for the free pair of shoes, once they share the promo with their friends, of course. In doing so, the website now has access to the visitor's contact list. After a few more hoops, the visitor pays $1 in order to receive their shoes, which of course never come.
The real purpose of the scam? Subscribing the visitor to "organizejobs" and charging them $49.99 a month for the privilege. Head over to IT Security Guru to understand how to identify and steps for avoiding, the scam.