If you’re tempted to click through to claim two free tickets aboard a WestJet flight, we’re sorry to break it to you: the ad you’re seeing is just another scam living on Facebook.
Clicking on the Facebook ad will bring you to an outside site featuring a poll asking whether you’ve ever flown with WestJet, what you like best about the airline, and whether its services are satisfying.
After answering the three questions, the respondent is asked to “like” a Facebook page and “share” the poll.
What will all that get you? Maybe some extra advertisements on your Facebook feed or something similar or perhaps something more. But definitely not two free tickets.
There are a few dead giveaways that this is a scam (the site is not WestJet’s official site and incorrect grammar, for instance), but a spokesperson for WestJet confirmed Friday morning the airline is not giving away flights.
There was a similar scam based on Facebook last August, in which people were enticed with a giveaway.
At that time, WestJet published a blog to help spread the word and offer tips to help determine whether an offer is, indeed, too good to be true.
“We take our writing pretty seriously here at WestJet, so the poor grammar on the survey page should tip you off to the fact that it’s not real,” the post reads.
READ MORE: Top 10 scams of 2016 reveal Canadians lost more than $90M last year
“The final page of the survey, which requires you to share a post to your own Facebook wall and send a private message to 15 friends should also raise some red flags.”
Online scams are, unfortunately, nothing new, as a quick browse of the Canadian Anti-Fraud Centre’s site makes glaringly obvious.
Alongside some common scams – including romance scams, loan scams and vacation scams – is a section offering tips to help people protect themselves online.
READ MORE: A Gmail phishing scam is tricking users into handing over their private info
Tips include not replying to any email requesting personal information and not downloading or opening attachments.
It’s uncertain what the end game is for those behind the current WestJet ticket scam. It could be something as benign as a company looking for more Facebook “likes,” or something more malicious, like an attempt at identity theft.
Here are some more tips for avoiding becoming the victim of an online scam:
Don’t be fooled by official logos
One of the most common ways that phishing scams will try to fool you is by using official company logos or insignias. In some cases, the email address or web address may look close to the company’s name, but is slightly altered or off by a letter.
Often these messages will try to trick you into providing account information, passwords, or even credit card information by using common phrases like “Verify your account,” or “Reset your account.”
Watch out for poor spelling and grammar
Just like in this WestJet scam, an easy way to spot a phishing scam right away is by reading the email thoroughly to watch for incorrect spelling and bad grammar.
Phishing emails are notorious for obvious spelling mistakes. Remember, major companies would almost certainly have a copy editor looking at emails and ads before publication.
Check links before you click on them
Never click on a link included in a suspicious email.
Often attackers will use a legitimate web address in the hyperlinked text of the email, but once you click on the link it takes you to a malicious website.
But, if you hover your mouse over the link – without clicking on it – a small yellow box will appear showing the actual web address the link will take you to. If the link doesn’t match the hyperlinked text, it’s likely malicious.
Be proactive
As phishing scams become more sophisticated and harder to spot right away, it’s best to be proactive when it comes to online security.
This means making sure your web browser software is up to date, ensuring that its security features are protecting you against the latest discovered vulnerabilities. This means you should use a browser that has good security functions.
READ MORE: Kijiji scam uses golden retriever puppies to lure prey
Google Chrome, for example, uses two main security features – the Safe Browsing API site list, as well as a feature that confines infectious programs to the open browser page, preventing the virus from spreading to the computer, if the user comes across a dangerous site.
If you do receive what you believe to be a fraudulent email, you can report it to the Canadian Anti-Fraud Centre.