Do not falling victim of social networking spam

(27/02/2009)

With the continued rise of social networking around the globe, spammers using several specific types of attacks on unsuspecting social networking users. The attacks range from traditional nuisance spam to more insidious phishing and malware attacks on consumers' social networking profiles and pages.

The methods of these attacks are usually staged by the spammers either creating fake accounts or directly hacking into legitimate users' accounts. Often the form of the attack will be seen in a combination of 'friend' requests, wall posts, private messages and/or social networking applications.

Cloudmark, Inc. has released a list of the 'seven deadly sins of social networking spam' now frequently being employed by spammers, based on analysis of the billions of messages that Cloudmark scans for its social networking customers each day:

1. Dating spam – a personal message, often from a woman, to a male social network user inviting them to start a romantic relationship. Once contact is secured, this attack proceeds in much the same way as bride email scams;
2. Profile and IM lures – spammers act as legitimate friends or potential new friends interested in getting to know the user in order to lure them to a fake profile page or Instant Messenger conversation;
3. Redirection to inappropriate or dangerous websites – a message is sent to a user, warning them that photographs or rumours about them have been posted on an external site and urging them to go to the site to view;
4. Nigerian attacks – similarly to Nigerian 419 spam traditionally seen over email, social networking users are targeted with messages alerting them to a fake inheritance or access to a rich stranger’s fortune;
5. Fake jobs – sending personal messages or wall posts, spammers, posing as an employer, offer social network users fantastic job opportunities in order to spark conversation that will allow an avenue for further spam, phishing, malware or scams;
6. Competitor social network lure – invitations that seem to be from legitimate friends are sent to users via wall posts or personal messages urging them to visit virtually unknown social networking sites;
7. Religious based spam – spammers use social networking sites to preach to, and attempt to proselytise, users for various religions.

“There are steps that consumers can take to stop themselves falling victim to the seven deadly sins of social networking spam, but the only fool-proof way to protect users from attacks is for social networking sites themselves to have effective security solutions in place,” said Neil Cook, Head of Technology Services EMEA at Cloudmark. “Only by stopping all forms of online abuse can social networking sites be confident that both the platforms and subscribers are protected against today’s known abuses and tomorrow’s advanced threats.”

Related topics:  Internet and Web security   Virus, Worm, Email security, spyware and malware 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources