Cyber Crooks prefer Facebook and Twitter over email spam
Contributed by: Email on 05/07/2012 03:23 PM
Cybercrooks have quit pouring thousands of spam messages into email inboxes in favor of hassling victims on social networks as an easier way to make money.
The dismantling of remote-controllable armies of compromised PCs, the collapse of some shady affiliate advertising networks, and better spam-filtering technology have all resulted in a decrease in traditional email spam delivery.
Twitter and Facebook have both become primary conduits for spam in the process - and the messages sent usually look far more convincing. Paul Judge, chief research officer at Barracuda Networks, said that one in 100 tweets on Twitter and one in 60 messages on Facebook were either spam or malicious. The switch from email was an obvious move for crooks because social networks are where the majority of internet users spend their time.
"Tools are available to automatically generate a profile and make it look like a real user by adding likes and places of education attended, for example," Judge explained. Fake profiles are very different from legitimate profiles: 97 per cent of fakes are female, compared to 40 per cent of the real population on Facebook, and 58 per cent claim to be bisexual females, compared to 6 per cent of the real female users of the social network who say they like both men and women. Fake profiles also tend to have "more friends", 726 on average compared to the 130 average for the general Facebook population.
If a person likes a page, they can be tagged in a photo with 50 other people who each have hundreds of friends. Thousands can be reached from one photo, making the process very efficient, Judge explained. The photo has a comment underneath containing a malicious link that poses as a link to more photographs.
Twitter is also extensively used by spammers: fake accounts can be created far more easily than on Facebook via a trivial scripted process that involves submitting only a name, email address and password. Fake accounts either mention legitimate users or comment on trending topics in order to trick surfers into following dodgy links. Many fake accounts can be recognized by following a large number of people but having few people following them back.
Exploit kits and "Facebook cloaking tools" are being offered for sale in underground cybercrime marketplaces in much the same way as tools that automated the process of email spamming have long been sold.
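The two recognisable patterns described above (a photo tagging dozens of people with a link in its comments, and an account that follows many people but is rarely followed back) can be turned into simple triage rules. The sketch below is an added example, not code from Barracuda Networks or either social network; the thresholds, field names and sample data are assumptions, and a single account namespace is used for brevity.

```python
import re
from dataclasses import dataclass

# Thresholds are illustrative assumptions, not values from the article.
MIN_FOLLOWING = 200      # skip small accounts; the ratio is too noisy there
MAX_FOLLOW_BACK = 0.05   # followers / following below this is suspicious
MASS_TAG_COUNT = 30      # tags on one photo that count as mass tagging
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

@dataclass
class Account:
    name: str
    following: int
    followers: int

@dataclass
class Photo:
    owner: str
    tagged: int
    comments: list

def low_follow_back(acct):
    """Follows many accounts but is followed back by very few."""
    if acct.following < MIN_FOLLOWING:
        return False
    return acct.followers / acct.following < MAX_FOLLOW_BACK

def mass_tag_with_link(photo):
    """Many people tagged and a URL posted in the comments."""
    has_link = any(URL_RE.search(c) for c in photo.comments)
    return photo.tagged >= MASS_TAG_COUNT and has_link

def triage(accounts, photos):
    """Return {account name: sorted list of reasons} for flagged accounts."""
    flags = {}
    for a in accounts:
        if low_follow_back(a):
            flags.setdefault(a.name, set()).add("low_follow_back")
    for p in photos:
        if mass_tag_with_link(p):
            flags.setdefault(p.owner, set()).add("mass_tag_with_link")
    return {name: sorted(r) for name, r in flags.items()}

# Constructed sample data (example.test is a reserved test domain).
ACCOUNTS = [Account("alice", 180, 210), Account("promo_4471", 2000, 12),
            Account("newsdesk", 900, 45000), Account("quiet_new_user", 15, 0)]
PHOTOS = [Photo("promo_4471", 50, ["more pics http://example.test/album"]),
          Photo("alice", 4, ["great day!"]),
          Photo("reunion_org", 48, ["thanks everyone for coming"])]
```

Calling `triage(ACCOUNTS, PHOTOS)` flags only the constructed `promo_4471` account; the large group photo without a link and the new user with no followers are left alone, which is why the rules require a minimum following count and a link alongside the tag count.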