It was only a matter of time before phishing scams began popping up on Pinterest, the online image-based social network. The first, most obvious scam is for a Starbucks gift card. Users should also watch out for Cheesecake Factory gift card scams, which use similar language: “Free giftcards to all Pinterest users!”
Pinterest scams are different from Facebook’s in two ways. “Pinterest is a new platform that users may have less sophistication in understanding what looks legitimate, and what looks like a scam, since they haven’t had much exposure to the platform,” says ESET Security Researcher Cameron Camp. “Second, Pinterest hasn’t had the time to backfill protections for the user, unlike some of the other social media platforms, so there is a window where scammers can be effective before they put controls in place.”
Not surprisingly, similar phishing scams have been popping up on Facebook for years. One such Starbucks scam happened last year on the 40th anniversary. It was a giveaway scam, encouraging users to share the supposed prize with their friends.
Pinterest might just be the best place to post image-oriented giftcard scams. They blend right in with other images on Pinterest, making it harder to differentiate the true from the false. Search for “Starbucks” on Pinterest, and you’re sure to find plenty of coffee-related images. Just as on Facebook, there are plenty of Starbucks-loving Pinterest users.
TrendMicro blog posted this Starbucks phishing scam, which has been appearing on Pinterest. If the user clicks on the Starbucks giftcard image, they will be redirected to a website that asks them to please repin the images. After doing so, they’re asked to click a link, which sends them to a scam site.
Aside from just not clicking, how can users avoid getting caught in Pinterest scams? “Users should complain to Pinterest, and request that controls be put in place to stop the scammers,” says Camp. “Pinterest has shown some interest in stopping other types of scams, with things like the opt-out code to restrict content sharing from certain sites, so apparently they’re responding.”
Users beware.