Computer Crime Research Center

phishing/japan.gif

Do not falling victim of social networking spam

Date: February 27, 2009
Source: securitypark.co.uk


With the continued rise of social networking around the globe, spammers using several specific types of attacks on unsuspecting social networking users. The attacks range from traditional nuisance spam to more insidious phishing and malware attacks on consumers' social networking profiles and pages.

The methods of these attacks are usually staged by the spammers either creating fake accounts or directly hacking into legitimate users' accounts. Often the form of the attack will be seen in a combination of 'friend' requests, wall posts, private messages and/or social networking applications.

Cloudmark, Inc. has released a list of the 'seven deadly sins of social networking spam' now frequently being employed by spammers, based on analysis of the billions of messages that Cloudmark scans for its social networking customers each day:

1. Dating spam – a personal message, often from a woman, to a male social network user inviting them to start a romantic relationship. Once contact is secured, this attack proceeds in much the same way as bride email scams;
2. Profile and IM lures – spammers act as legitimate friends or potential new friends interested in getting to know the user in order to lure them to a fake profile page or Instant Messenger conversation;
3. Redirection to inappropriate or dangerous websites – a message is sent to a user, warning them that photographs or rumours about them have been posted on an external site and urging them to go to the site to view;
4. Nigerian attacks – similarly to Nigerian 419 spam traditionally seen over email, social networking users are targeted with messages alerting them to a fake inheritance or access to a rich stranger’s fortune;
5. Fake jobs – sending personal messages or wall posts, spammers, posing as an employer, offer social network users fantastic job opportunities in order to spark conversation that will allow an avenue for further spam, phishing, malware or scams;
6. Competitor social network lure – invitations that seem to be from legitimate friends are sent to users via wall posts or personal messages urging them to visit virtually unknown social networking sites;
7. Religious based spam – spammers use social networking sites to preach to, and attempt to proselytise, users for various religions.
Original article



Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo