Delta Air Lines free tickets scam spreads virally on Facebook

Graham Cluley
Graham Cluley
@[email protected]

After seemingly successfully spreading a scam across Facebook disguised as free JetBlue Airways tickets yesterday, the bad guys have turned their attention to Delta Air Lines.

Messages seen spreading today on Facebook look like this:

Delta Air Lines scam on Facebook

Just Got 4 Delta Air Lines Tickets For Free
delta tickets
They are offering 4 tickets to use in the Holiday Season. Grab yours now

Sign up to our free newsletter.
Security news, advice, and tips.

Maybe your security spider sense should already have made you suspicious about the seemingly oh-so-generous offer, but no doubt there are many people who would have felt tempted to click on the link. Especially when it appears on the wall of one of your Facebook friends.

If you do click on the link you are taken to a page which tells you you will need to “connect” if you want to receive your four free tickets.

Delta Air Lines scam on Facebook

Which, in turn, takes you to a standard permissions dialog asking you to grant access for the third-party application (called 4freedeltatickets) to peruse your profile, grab personal information from you, send you spam emails and even post to your wall.

Delta Air Lines scam on Facebook

Having done all this – will you actually receive four free Delta Air Lines tickets? I doubt it. In my case, I was taken to a webpage which asked me for my mobile phone number. In tiny print underneath it explained that by submitting my cellphone number I would be signing up for an expensive premium rate service – no thank you!

No doubt the scammers are earning commission by directing unsuspecting users in an underhand way to webpages like this.

And meanwhile, you’ll find that the rogue application has taken advantage of its right to access your Facebook profile, by spreading the message virally via your own wall. It’s even added you to an “event” in a future attempt to spread news of the bogus offer!

Delta Air Lines scam on Facebook

If you’ve found that you have fallen victim to a scam like this, remove references to the scam from your newsfeed, revoke the right of the rogue application to access your profile via Account/ Privacy Settings/ Applications and Websites, and delete any events that you aren’t interested in.

Here’s a quick YouTube video where I show you how to clean-up your Facebook account from such an attack:


If you’re a keen user of Facebook, you should also join the thriving community (over 32,000 so far!) on the Sophos Facebook page.

Hat-tip: Thanks to faithful reader Aniko for bringing this threat to my attention.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.