JetBlue tickets scam spreads via Facebook, tricks Jezebel

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Facebook users are seeing lots of messages claiming to link to a special JetBlue Airways offer, claiming they can get free tickets. Unfortunately, anyone who clicks on the link is in danger of signing-up for a premium rate mobile phone service.

The messages look something like this (the precise wording may vary):

Jet Blue scam

JetBlue Airways
Your Free Trip
2 Free JetBlue Airways Tickets - Facebook Users Only

Sign up to our free newsletter.
Security news, advice, and tips.

The scam has been spread more widely, in part, because the Facebook page belonging to Jezebel.com (a women’s lifestyle blog, part of the Gawker network) passed on the message to its 30,000+ fans.

Jezebel's Facebook page. Click for larger version

If you were to click on the link you are taken to a webpage (with a large version of the JetBlue Airways logo in the background) which asks you to “Facebook Connect” with the site in order to access the alleged special offer.

Jet Blue scam

If you do that then Facebook asks if you want to give permission for an application called “JetBlue Family” to gain access to your account information, including the right to email you and post messages to your wall.

Jet Blue scam

Proceeding further, however, takes you to page which attempts to make money for the scammers – either in the form of a revenue-generating survey or, in my case, a page which tries to trick you into signing up for an expensive premium rate cell phone service (charged at £4.50 per week).

Jet Blue scam

In the meantime, the scam has already been posted onto your own Facebook wall, trying to trick your online pals and family into making the same mistake.

Hopefully, this article will act as an important reminder for folks to read the small print, and be very careful what applications they allow to gain access to their Facebook account. And owners of pages with tens of thousands of followers like Jezebel need to be much more careful what they do regarding their online safety too.

If you’ve been hit by a scam like this, remove references to it from your newsfeed, and revoke the right of rogue applications to access your profile via Account/ Privacy Settings/ Applications and Websites.

And if you’re a keen user of Facebook, you should join the thriving community on the Sophos Facebook page.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.