Computer Crime Research Center


Social networking sites a hotbed for cyber crime

Date: January 26, 2009

The distribution of malware on social networking sites first occurred in small amounts towards the end of 2007, but that trend appears to be on the rise.

According to a report from MessageLabs Intelligence, which specialises in the analysis of messaging security issues and threats, a popular tactic in 2008 among cyber criminals involved the creation of fictitious accounts on social networking sites. These fake accounts were then used to post malicious links, which usually led to a phishing site, to legitimate users.

Scammers would then make use of the phished personal information, such as usernames and passwords, to gain access to legitimate accounts. This access would be used to post blog comments on their pages of their friends, and send messages from the phished accounts to other contacts. These messages usually contained spam, including links to spam sites such as online pharmacies.

"Web 2.0 offers endless opportunities to scammers for distributing their malware--from creating bogus social networking accounts to spoofed videos--and in 2008, the threats targeting social networking environments became very real," said Richard Bowman, regional manager, MessageLabs South Asia.

According to the Symantec report, January saw the emergence of e-mail spam which closely mimicked legitimate notification e-mails of two major social networking sites. These spam messages, which invited users to join a group on the social networking site, contained a link to a virtual group created on the site by the spammers.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo