What hides behind the get-rich-working-from-home offers?
Do you ever get tempted to click on one of the myriad of work-from-home, get-paid-huge-money adverts that are littering the Internet? Do you ever wonder if those claims are true and how the scheme works?
Well, the researchers from Microsoft’s Malware Protection Center have decided to educate users and warn them about the dangers of these scams, which often result in them paying for things that they can get for free.
The adverts are placed by owners of affiliate program services, who are searching for Adverts – random Internet users working as affiliate program partners – who will advertise and push out paid services such as online dating, adult services, paid archives, and more.
Using the pushing out of paid archives as an example, the researchers explain that Adverts are prompted to install specially designed software called Packer on their computers in order to create “paid archives” of arbitrary content according to the the affiliate program rules.
“Note that in all cases, the service owners are not responsible for what content is created by the Adverts. The owner only provides the Packer, hosting services, landing pages containing descriptions and download links, and finally oversees the financial side of things: billing and distribution of funds received from users,” they point out. “The Advert is the person who does all the dirty work, relieving the service owner from any legal responsibility.”
In order to make the Advert’s job easier, the Packer software already has a few templates he can use, and they often resemble well-known software installers.
“What the Advert needs to do is just choose a template, specify the location of files that should be included in the installation, and hooray! The paid archive is ready,” share the researchers. “The Packer program deflates source files into a password-protected 7Zip archive (the password is created and stored on a network server), then it embeds the archive into the output file so that user who choose to install this file will be asked for a password/unlock code.”
More often than not, these paid archives include free software. Here is how one of the installers in paid archives looks like (this one is for the Skype client, which can be downloaded without a charge from the service’s legitimate site):
At some point during the installation process, the victim is asked to send a text message to a premium rate number in order to “receive an SMS free of charge”. In return, he usually gets an SMS asking for some personal information for “confirmation”.
The victim responds with another SMS containing the information, and is again charged from $5 to $20, depending on the service. Finally, he received back the password needed for the installation, and he can get on with it.
The amount of money that the victim has been tricked into paying might not seem big to many, but it multiplies really quickly when you consider the fact that there are a lot of inexperienced users out there who fall for these schemes. Also, all of that money should rightfully belong to the real author(s) of the software in question, and not to the scammers.