Dissecting Social Engineering - Free Product Scam

Free stuff is commonly used as a marketing or brand-awareness tool, but it can also serve a much more sinister goal: collecting a significant amount of money through simple social engineering.

The scenario
I get offers for many products by e-mail, which I mostly delete or let the spam filter take care of. But in the past week I got bombarded from several different sources regarding one apparently free product. The sheer number of e-mails made me read through one of them. It was an announcement for a free distribution of some SEO program.

Just for fun, I clicked on the included link and got to a page in the style of a typical social engineering 'easy money' page. Here is the analysis of such pages.
At the end of the (very long) page I got to the real deal. They need my credit card in order to send me the free program on a DVD:

  • I will be charged just shipping and handling costs for the program, which are $7 for US and $10 internationally, and I get free access to the service for a month.
  • I will be billed $100 per month for the SERVICE, after the first month. I understand that I can cancel at any time right from within the site or by just logging a ticket at www.SOMEADDRESS.TLD

Wait, if it is a FREE PROGRAM delivered on a DVD with no strings attached, they can just dump it on RapidShare and let the visitors rip.

Why would they bother with all this shipping? Here is why:

The cost of one DVD, with replication, e-mail advertising (spamming), web site setup and credit card processor charges, comes to:
  • $2.76 per DVD for delivery in the US
  • $4.54 per DVD for delivery outside the US

So, based on the 'shipping and handling' charges, there is a profit margin on each DVD of:
  • $4.24 per DVD for delivery in the US
  • $5.46 per DVD for delivery outside the US

The DVD needs to have something useful on it: the advertised PROGRAM. It is some program that should improve your Search Engine Optimization, and it can be whipped up by a programmer within 2 weeks by following certain logic rules presented in SEO books all over the Internet.
  • Cost for the software: a maximum of $1000. On rentacoder you get that done for even less.

If 1000 people out of 50,000 e-mails take the bait, and 1000 DVDs are distributed in the US (low margin scenario), there is a profit of $3240 before taxes (1000 × $4.24 margin, minus the $1000 software cost).

But wait, there is more!
All those 1000 people left their credit card info online in order to be charged the 'shipping and handling'. However, the agreement is that by taking this free item, these 1000 people have opted in to a monthly fee of $100 for some online service which is never really explained and can be as simple as a mailing list for 'Valuable SEO Info'. Of course, the user can opt out at any time, but for the moment he is opted in!
So, just as there are people who forget to send in their rebate vouchers, there will be people who forget to opt out of the online service, thus getting billed the $100. I would set the percentage of forgetful people at 20%, with 25% of them having a debit card with no funds to be taken. So, out of the original 1000 people who got their wonderful DVD, we arrive at 150 credit cards that will be billed after one month.
So, apart from the initial $3240 before taxes, we get an additional $14925 before taxes.

The analyzed model is not a direct scam for all legal purposes, since it delivers a product which is free, and you have been informed of the additional charges that will be incurred after 1 month of usage of the 'service'.
On the other hand, the product is promising a MONSTROUS income from Internet sites, which in 99.999% of cases WILL NEVER HAPPEN.
At any rate, be very careful. THERE IS NO SUCH THING AS A FREE LUNCH.

Talkback and comments are most welcome

