Sunbelt/GFI Labs warns Tumblr users against a scam preying on those who incorrectly type the microblogging website’s address on their browsers.
The blog said those who leave the letter “l” off Tumblr and type tumbr.com will be taken to a website asking them to take a survey.
“An enterprising individual in China is responsible for that domain, and clicking the image makes this happen: You’re taken from the Tumblr blog to a site called ‘video-reward.com,’ via a URL cloak website called ‘Secredir.com.'”
Visitors to tumbr.com arrive at an “offer” page where they are asked to enter their mobile numbers to win an Apple product for a slight fee.
The Tumbr URL has been around since 2007, but hardly active at all, uploading only generic landing page advertisements. But it evolved into something more in 2011, redirecting people to the Video-reward site that had been registered since 2011.
“Considering how popular Tumblr is, the owner of Tumbr.com could be coining it in if even a small percentage of users are accidentally filling their blogs with it. Let’s be thankful it’s just offers and not malware,” wrote Sunbelt/GFI.