These days, getting free stuffs from businesses is not an uncommon thing, even from airlines. There are plenty of offers out there. One of my friends has forwarded the following message in WhatsApp.
Free 2 tickets, wow ! I could not wait till I finished reading the message. Because it is all about 2 free tickets from the national carrier. This is unbelievable. So I did check the URL, first it seems that the URL is as same as the official URL of the carrier which is srilanka.com. Everything seems pretty cool. So I read it again and checked the URL. Then it flipped. The URL is srilankán.com , notice the letter á, instead of a.
If you visit the website, it looks as follow. It looks real, almost real, even the logo is also there.
You need to provide some answers, basically YES and NO for 4 questions and congratulations, you secured 2 free tickets. In the next screen, you need to send this to your WhatsApp contacts. Then after you can claim your 2 free tickets.
This URL wont work for desktop browsers, it keeps saying that the offer is not valid for the region while it gets directed to the following URL http://promopage.life/tick/g.php. The reason is pretty simple because it targets the mobile users as it needs WhatsApp to spread the news.
This is not a very smart phishing attack though it is mediocre. The attacker has matched the URL, it is so hard to notice the difference. The web site looks real too. However the Facebook section is not working at all. The connection is not secured (https). This is why you need to check for https always, make it a habit.
Although the offer of 2 free tickets raises your eyebrows, at the same time, it rings a bell. Because it is hard to believe that an airline is just throwing 2 free tickets for a simple survey like this. It would feel real, if it was like 50% for tickets or somewhat.
Finally, to avoid such malicious hoax, make sure you check the URL before you click it. Then look for https, a secure connection. Think before you share anything, specially when you are asked to share something via facebook, WhatsApp, Viber and etc. Last not the least, make sure you use your common sense too.
EDIT : Having https doesnt prove the authenticity. But not having https should ring a bell. So dont get confused. Checking for https (SSL EV) would be good test.
Did you get the same message? If so what did you do?