Your

EL-AL 70th Anniversary Large-Scale Facebook Phishing Scam

By: Eldad Zamler



EL-AL 70th Anniversary Facebook Scam

El-Al air-plane

On June 4, a malicious site was created, whose sole purpose was to phish people's phone numbers.
The method used by the scammers was simple and well known. They shared a link on Facebook,
ostensibly on behalf of a respected company, promising anyone who clicked the link a gift.

This time the fraudsters pretended to be the EL AL Company, and they offered two free tickets as
a gift. Israelis are very familiar with EL AL Israel Airlines which is the flag carrier of Israel.
The name EL AL means "To the Skies" or "Skywards" in Hebrew.

The phishing Facebook post includes a photo of an EL AL flight ticket with the headline:
    EL AL offers 2 free tickets for everyone to celebrate its 70th anniversary.

This is a classic phishing fraud, in which users are asked to click on a "Like" or "Share" button,
but such clicking leads them to another page where they are asked to enter additional details.
This time the goal was to collect their phone numbers, and register them, unknowingly to a paid
premium text messaging service.

The scam post contains a link to http://elal-com.us/?DNLM0mt  (not elal.com).

When you click on the link, a pop-up message is opened stating that you are lucky
and have won the tickets.

The linked page includes a fake satisfaction survey of EL AL.
After completing the three-question survey, you are requested to enter your Facebook
credentials and share the post. If you do this, you are giving the scammers full access
to your account.

This phishing scam spread quickly in a few hours, because people shared the message with
their friends on Facebook, and thousands of Israelis fell into the trap, clicked on the link
and even gave their details and phone number in the "satisfaction survey", out of a desire
to receive flight tickets as a gift.

Once EL AL noticed the phishing scam activity carried out in its name, EL AL posted a
warning on its Facebook page (June 5 at 10:07), that the advertised ad guaranteeing 2
free airline tickets for participating in a survey is a false announcement.

This time, the victims of the fraud could easily repair the damage, asking the cellular
companies to cancel the registration for the premium text messaging service and even
block it completely. But sometimes such type of phishing scams aims to steal money
from the victims without being able to return it back, like happened lately with fake
emails pretend to be from DMV.

So, how can you avoid becoming a victim of a phishing scam?

The El-Al 70th anniversary facebook scam is almost identical to the Singapore Airlines
70th anniversary free tickets e-mail phishing scam. Fraudsters spread emails claiming
Singapore Airlines is giving away free tickets. SIA spokesman said that Scammers have
been phishing for users' personal data this way since Thursday (Aug 24).