Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Botnets target social networks with spam

John P. Mello | April 23, 2013
Life can be short for bogus profiles, but the spam keeps on coming

Life for a phony profile on Twitter may be short, but it isn't deterring spammers from continuing to work their scams on social networkers, says one security researcher.

Bots aimed at Twitter are usually easily identified and shut down, but they're quickly recreated, Kaspersky Lab security expert Vicente Diaz wrote on Monday.

Diaz cited one porn campaign targeting Twitter that included more than 5,000 bots and was creating more, at the rate of 250 a day. A bot is a compromised computer that's part of larger network, called a botnet, controlled by a cyber criminal, also known as a botmaster.

That rapid rate of bot creation is necessary because their life span is smaller than a Mayfly's. "For some campaigns the half-life of the fake profiles is as low as 45 minutes," Diaz wrote.

The campaigns can be very effective when they're combined with hijacked accounts, he added. "Social media is a good environment for convincing people to click on something that they shouldn't," said Wade Williamson, a senior security analyst with Palo Alto Networks.

That's especially true of Twitter, which typically consists of a brief message and a link. The form of those links also helps spammers conceal their motives. "Many Twitter messages use shortened URLs," Williamson said. "Once those URLs are shortened, you can't see if you're being taken to a place that looks suspicious."

Spammers have also found social media superior to their old standby email for delivering their junk. "Over the years, we've trained people to be suspicious of email," Williamson said. "People really don't have as much experience with that in social media."

On Facebook, many spammers try to lure their victims to websites where infected malware can be pushed to their computers with enticing messages, said Bianca Dima, a security specialist with Bitdefender.

Topping the list of a recent Bitdefender survey of the most popular enticing messages used by spammers on Facebook over the last six months was one that claimed it could show who was stalking you on the social network.

"The scam is very popular in English, but the French and Spanish are also falling for this trap," Dima said in an interview. "They want to see their stalkers and their ex-lovers."

Messages containing links to putative sex tapes are also popular among spammers, she added. Prime attractions in that category are Rianna and Tayor Swift.

Spammers like social media because it gives their messages credibility. "If you see something on your friend's Timeline, you believe it," Dima said.

While social networks like Twitter and Facebook have made great strides in combating spam and scams on their systems, miscreants will continue to mine the networks for victims because there's plenty of cash to be earned from their efforts.


1  2  Next Page 

Sign up for Computerworld eNewsletters.