Home ScamsPhishing Scams ‘Private Message’ Phishing and Survey Scam Emails

‘Private Message’ Phishing and Survey Scam Emails

by Brett M. Christensen

Outline

Emails with the subject line “Private Message” invite recipients to click a link to read a private message supposedly sent from the email address of one of their contacts. 

Brief Analysis

The emails are scams designed to steal webmail login details as well as trick users into participating in online survey scams and visiting websites that contain malware. The stolen information is used to hijack email accounts. The hijacked accounts are then used to send further “Private Message” scam emails to people on the account holder’s address list.

Example

Subject: Private message

[Email address removed] sent you a private message.

Private message [Link removed]

 

Detailed Analysis

This deceptively simple scam campaign tries to draw in potential victims by claiming that they have received a private message. The scam emails consist of nothing more than a brief message claiming that a specified email address has sent a private message. The emails include a link that recipients can click to access and read their private message.

However, the link does not open a private message. Instead, it opens a fake webmail login page that asks users to sign in with their User ID and Password. The information submitted on the fake sign in form will be sent to scammers and may later be used to hijack the victim’s real email account.

Submissions indicate that, once people have fallen for the ruse and submitted their login details, their email accounts are then used to send the same “Private Message” scam emails to all of the people on their contact lists. 
After users have signed in via the fake page, they are next taken to another website that tries to entice them into participating in various surveys or offers in exchange for “free” prizes such as iPads or laptop computers. Many of the bogus “survey” pages claim that users must provide personal information including name, address and contact details before they are eligible to receive any prizes.

Others will claim that users must submit their mobile phone number before they can claim any gifts or enter any prize draws. However, many users may not realize that by providing their mobile phone number they are actually subscribing to a very expensive SMS “service” charged at several dollars per message received.

No matter how many offers or surveys they complete, or what services they subscribe to, victims will never receive their promised free gift or even a genuine competition entry. The scammers who create these bogus promotions will earn commissions via suspect affiliate marketing schemes each and every time a victim completes an offer or participates in a survey. Victims may also be faced with large phone bills for unwanted mobile phone services and, because they have provided name and contact details, they may be inundated with unwanted promotional emails, phone calls and junk mail.

In some cases, the victims may also be directed to compromised websites that harbour various types of malware.

The scam campaign although seemingly simple in execution may actually be quite effective. Many online services do send automatic “Private Message” notifications via email. People who have received legitimate private message emails in the past may, therefore, be more inclined to click the bogus link in the scam message without due caution. Moreover, because the scammers use previously hijacked accounts to send their messages, recipients may genuinely believe that the “Private Message” email was sent by someone they know and trust.

This campaign is very similar to another phishing attack that I reported on in April 2012. The earlier campaign consisted of emails containing only a link asking people to click to view attached photographs, videos or messages. Again, those who clicked the links were taken to a fake webmail login page and then redirected to survey scam and malware websites.

If you receive one of these emails, do not click on any links that it may contain.



Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer