419 Scammers Take Advantage of the Facebook IPO

Today sees the highly-anticipated IPO (Initial Public Offering) of the social-networking site Facebook. The IPO is expected to be several times oversubscribed as the demand for shares greatly exceeds the number of shares being issued.

The high-profile nature of this IPO has not escaped the attention of the “419” or the “advance fee fraud” scammers. As a brief reminder, these scams typically promise vast sums of money in exchange for assistance. However, before said sums of money can be received, several increasingly-inventive up-front charges and fees must be paid. The fees keep coming and the promised money never materializes.

We recently spotted a 419 scam message offering a "FACEBOOK (IPO) SUBSCRIPTION PARTNERSHIP PROPOSAL". The use of an all uppercase heading is a common hallmark of such 419 scams.

The scam claims to be sent from a finance firm with offices in multiple locations around the world. The exact nature of the scam is unclear. The scam mentions loaning money under "soft" or generous terms to buy Facebook stock or shares and then selling them back to the finance firm at a price higher than the original purchase price.

The financial company claims to have offices in London, Hong Kong, and Dubai, yet the phone number included in the message is an answering service with a Sacramento, California phone number. The company's website claims that its registered office is in Cardiff, Wales.

A final strong indication that this is a scam is the email address, which the scammer is soliciting replies to. It is an amateurish-looking address at a common free Web-based email provider. A legitimate company would almost certainly use an email address at its own domain, rather than using a free Web-based address. The email address and name in the "From" header of the message are also different to the email address and name used in the message body.

Given the high profile nature of this IPO, we expect scammers to continue to take advantage of it in much the same way that they have taken advantage of previous news stories and events.

As usual, when receiving any kind of financial offer, exercise extreme caution. Use companies registered with the appropriate regulatory bodies for your jurisdiction, and if in doubt, don't hand over any of your money.

Symantec customers are protected against this and many other threats.