What is the "SPIN FOR REWARD" scam?
"SPIN FOR REWARD" is a scam run on various untrustworthy sites. Deceptive websites are rarely accessed intentionally. Most users enter them via mistyped URLs, redirects caused by other unreliable pages, intrusive ads, or installed PUAs (Potentially Unwanted Applications).
This scheme claims that users can win an exclusive prize by participating in it. However, none of the information provided by "SPIN FOR REWARD" is true; hence, users will not receive any of the promised prizes. This scam aims to promote phishing sites, which are designed to record data entered into them. At the time of research, "SPIN FOR REWARD" primarily pushed webpages targeting personal information.
"SPIN FOR REWARD" scam in detail
When users access a site promoting the "SPIN FOR REWARD" scheme, they are presented with a statement claiming that they have been randomly selected to participate in a survey. The scam promises an exclusive reward for their participation. To take part, users are urged to spin the wheel presented in the webpage. Afterwards, users are congratulated for winning and instructed to click the "Claim Reward" button. Pressing the button redirects to a phishing website.
Phishing sites can have various disguises and target a likewise broad range of data. Typically, those promoted by scams like "SPIN FOR REWARD" attempt to obtain victims' names, surnames, addresses, telephone numbers, email addresses, banking account details, credit card numbers, and similar information. All scams aim to generate revenue, yet how they achieve this goal - varies. The collected data can be sold to third-parties or used to create personalized schemes. Finance-related information (e.g., online bank log-in credentials, banking account details, credit card numbers, etc.) can be used to make fraudulent transactions and/or online purchases.
It is not uncommon for "SPIN FOR REWARD" type scams to also ask users to make payments. The bogus fees may be for transactions, shipping, storage, registration, subscription, and so on. These payments can be made through dubious payment gateways, which operate as phishing scams for financial information. To summarize, by trusting the "SPIN FOR REWARD" scheme, users can experience severe privacy issues, financial losses, and even identity theft.
How do potentially unwanted applications operate?
As mentioned in the introduction, untrustworthy/malicious sites (e.g., ones running "SPIN FOR REWARD") can be force-opened by PUAs. However, these apps can have other/additional heinous abilities. Unwanted applications classified as adware run intrusive advertisement campaigns. In other words, this software delivers misleading, unreliable, deceptive, and even malicious ads. They diminish the browsing experience and pose a threat to device/user safety. Once clicked on, intrusive adverts redirect to dubious/dangerous websites, and some can stealthily download/install software.
Browser hijackers are another type of PUAs. They operate by making changes to browser settings and restricting access to them - in order to promote fake search engines. The promoted search engines usually cannot generate search results, so they redirect to (or cause redirection chains ending with) Yahoo, Bing, Google, and other legitimate ones.
Furthermore, most PUAs (regardless of type) can track data. Information if interest includes (but is not limited to): browsing and search engine histories, IP addresses/ geolocations, and personally identifiable details. PUA developers monetize the collected data by sharing it with and/or selling it to third-parties (potentially, cyber criminals). Therefore, it is strongly advised to eliminate all suspicious applications and browser extensions/plug-ins immediately upon detection.
|Name||SPIN FOR REWARD pop-up|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Scam claims that users will receive a reward for participating in a survey|
|Serving IP Address (flashrewardspin[.]com)||220.127.116.11|
|Symptoms||Fake error messages, fake system warnings, pop-up errors, hoax computer scan.|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Online scams in general
"You Are Our Winner Today!", "Onlinemart Reward", and "Chance To Win The New iPad Pro" are a few examples of schemes similar to "SPIN FOR REWARD". The Internet is rife with online scams; there are thousands of sites that promote this deceptive content. Popular models are: fake prize giveaways/raffles, unbelievable deals and offers, alerts that an essential software product is outdated or missing, warnings that the device is infected or at risk, and so forth. Due to how widespread scams are on the Web, it is important to always exercise caution when browsing.
How did potentially unwanted applications install on my computer?
PUAs can have "official" download pages, which are often promoted by deceptive/scam websites. Intrusive adverts are also used to proliferate these applications. Upon being clicked, the ads can execute scripts to make downloads/installations without user permission.
PUAs are most commonly downloaded/installed together with other products. "Bundling" is the name of this false marketing method - packing regular programs with unwanted or malicious additions. The presence of these supplements can be hidden within the "Custom/Advanced" download/installation settings or left unmentioned entirely. Hence, by rushing through download/installation processes - users risk inadvertently allowing bundled content into their devices.
How to avoid installation of potentially unwanted applications?
It is highly recommended to research software before download/installation and/or purchase. Additionally, all downloads must be performed from official and verified sources. Untrustworthy download channels, e.g., Peer-to-Peer sharing networks, unofficial and free file-hosting sites, and other third-party downloaders - can offer bundled and harmful content. When downloading/installing, it is advised to read terms, study all available options, use the "Custom/Advanced" download/installation settings to opt-out from supplementary apps, tools, functions, etc.
Intrusive adverts appear ordinary and innocuous; however, they redirect to various questionable webpages (e.g., gambling, pornography, adult-dating, and many others). Should users experience such ads and/or redirects, they must check their devices and immediately remove all suspect applications and browser extensions/plug-ins detected. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.
Text presented in the "SPIN FOR REWARD" scam:
SPIN FOR REWARD
21 June 2021
You've been randomly selected to participate in a survey and earn* ! Spin the wheel if you would like to participate.
Every Monday we select users to earn* exclusive rewards. Just click on the SPIN button below to start.
*UPON COMPLETION OF PURCHASE REQUIREMENTS. CLICK FOR DETAILS.
700+ people reviewed this.
The appearance of "SPIN FOR REWARD" pop-up scam (GIF):
Screenshot of a browser notification (advertisement) promoting the "SPIN FOR REWARD" scam:
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is SPIN FOR REWARD pop-up?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.