Thursday, January 20, 2011

Social Networking: A top target of Malware Infections and Scam Spam

Social networking has risen to become one of the most popular online destinations. As its popularity has grown, the amount of malware and spam spreading through it has grown too. It is now simple to find a scam social app just by typing a few keywords into the social search bar. Today a large number of malware links went through Twitter (more on that later), and scams are also spreading heavily on all these social networking sites ("Free iPhone" is what I most commonly see, but a few scams are advertising other products).

First, the Twitter malware attack that happened today. The attack was just a bunch of posts each containing a single short-URL link, and people's curiosity led to clicks on these malware links. The end result was a few redirects that eventually led you to one of those sites that want to install a FakeAV on your machine. While I was analyzing the URL this morning, only 5 vendors were detecting the initial redirect, which you can see here: VT. However, I did not get to look into the payload before the links were taken down. You can see some more details on this attack over at my friend's blog here (it is also a blog I highly recommend reading): http://bartblaze.blogspot.com/2011/01/twitter-worm-spreading-virally.html


Another type of social networking scam/malware I have seen come up is the scam apps that say they can tell you who has seen your profile or how many page views you have (I have written about these before). None of these apps can actually do what they say. The "how many page views you have" app just posts a random number. Why do people make these, you may ask? For the surveys that you are asked to take. Most of the time, when you sign up for the services offered in the app's survey, you end up paying for some service and the app creator gets a cut of the money. I have personally seen a big increase in apps like this in the past few weeks. So always watch which apps you let access your profile.

The final type of scam I am going to warn you about is the sites that offer you things for free. If it is too good to be true, it most likely is. I have a Twitter search open at the moment on the keywords "Free Iphone" to watch for these scam sites. So far, while I have been writing this blog post, 344+ new tweets have been tweeted mentioning the words "Free Iphone". The number keeps growing every moment. Not every one of these is actually a scam; however, a majority are. On the bright side, as I extract most of these URLs, they are now being directed to the URL shortening service's warning site, which warns that the URL was being used for spam.

So stay safe while you are using those social networking sites. If you come across a site saying it will give you one of the most popular tech items for free, it is most likely a scam. If you see a Facebook app that claims it will tell you how many page views you have had or who is looking at your profile, don't believe it. If you run into a short URL and are tempted to click it, run it through this URL extraction service, which I highly recommend: http://www.urlvoid.com/extract-url/
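
The idea behind expanding a short URL before clicking it can be shown in a few lines. This is an added example, not code from the original post or from the extraction service it recommends: it walks a redirect chain one hop at a time with HEAD requests, so no page body is downloaded or rendered. The function names are hypothetical and the hostnames in the sample table are constructed.

```python
import http.client
from urllib.parse import urljoin, urlsplit

REDIRECTS = (301, 302, 303, 307, 308)

def head_location(url, timeout=5):
    """Send one HEAD request; return (status, Location header) without following it."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("not an http(s) URL: " + url)
    cls = http.client.HTTPSConnection if parts.scheme == "https" else http.client.HTTPConnection
    conn = cls(parts.hostname, parts.port, timeout=timeout)
    try:
        target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", target)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def trace_redirects(url, fetch=head_location, max_hops=10):
    """Return (chain, verdict): every URL visited and the reason tracing stopped."""
    chain, seen = [url], {url}
    for _ in range(max_hops):
        try:
            status, location = fetch(chain[-1])
        except ValueError:
            return chain, "non-http"          # e.g. a redirect to a non-web scheme
        if status not in REDIRECTS or not location:
            return chain, "final"             # last entry is the real destination
        nxt = urljoin(chain[-1], location)    # Location may be relative
        chain.append(nxt)
        if nxt in seen:
            return chain, "loop"
        seen.add(nxt)
    return chain, "too-many-hops"             # unusually long chains deserve suspicion

# Constructed sample responses standing in for the network (not real hosts).
SAMPLE_HOPS = {
    "http://short.example/abc": (301, "http://hop1.example/r?id=1"),
    "http://hop1.example/r?id=1": (302, "/landing"),
    "http://hop1.example/landing": (200, None),
}

if __name__ == "__main__":
    chain, verdict = trace_redirects("http://short.example/abc",
                                     fetch=lambda u: SAMPLE_HOPS[u])
    print(verdict, " -> ".join(chain))
```

This only sees HTTP-level redirects; a hop done with JavaScript or a meta refresh will show up as the "final" page, so the last URL still needs to be checked against a reputation service before visiting.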
