May 24, 2009

New channel, same methods

With the increase of users in social networks, it was just a matter of time I guess before spammers got interested in spamming people there.
Recently, I could spot three new ways spammers try to get hold of contacts (just as spammers hack people's email contact lists and scan the net to gather emails).

First method is the nice looking lady friend request, I've experienced this in professional networks and facebook: A nice looking lady asks to enter your network, of course you never heard about this person, and it's very likely she will start sending to you links to commercial websites.
This spam method can easily be countered by not accepting unknown users' requests.

Second method (I just saw for the first time today): Hacking people's accounts (phishing). I received today an internal message on facebook from a friend that, after talking with, told me he never sent. This email was just a link to a website looking like a facebook login page. If you type in your information, it's very likely that your account would then be stolen and a mail be sent to all your contacts, pointing to this website. Once sufficient accounts are stolen, then they could start broadcast spam to all the contacts of these accounts.
To fight this kind of spam, I advise you not to type in your login/password on any other website than facebook (or a fully trusted third party website) and tell your contact, their account has been hacked so they can try to change their password.

Third method is, I'm afraid, a spam system you can't do anything about. Because the primary goal of a social network site is to allow people to connect to each other, the more often, it is possible to message anyone registered on the website, even outside your network. You would then be exposed to unsolicited messages, even though this is still quite rare.

Of course today, the amount of spam messages received through email is far more important than the number of spam you might receive through social networks, but beware, I'm afraid things could evolve quickly (and in a bad way).

No comments: