In a recent post on Symantec Corp.’s Security Response blog, the recent spike in social network spam was highlighted.
Despite the fact that many of the most successful spam techniques were established back in the early days of e-mail, Liam O Murchu, manager of security response operations at Symantec, said Facebook attacks are more often successful because they exploit a trust between users and the service.
“There’s a lot of people that fall for [spam attacks], particularly if it comes from a user that they trust,” O Murchu said.
James Quin, lead researcher at Info-Tech Research Group, thinks Facebook sees the most attacks because of the “size factor,” as “the more targets, the greater the number of potential victims.” On top of that, he also says that the flexibility of things you can do on Facebook and the ways you can interact lend themselves better to spam.
O Murchu said it took some time for Facebook to become the dominant vehicle for spam. Spammers will move from technology to technology, staying up on trends and attacking where the concentration of users is greatest.
He also said the data Symantec collected suggests some organization in the attacks.
Quin isn’t so sure. While he acknowledges that the attacks may be co-ordinated between spammers, he doesn’t think they’re targeted on purpose. “Targeted attacks by definition focus on specific groups, and ultimately specific individuals; social media spam is nothing more than exercising an alternate delivery method,” Quin said.
Both Quin and O Murch said that spammers are still after the same things they’ve always wanted. Fraudulent links will, at best, send you to a knock-off or fake pharmaceutical site, and at worst infect your computer with malicious code that will send more illicit links to your entire contact list.
The only thing that has changed, to quote Quin, is the delivery method.
“Social media has become one of the dominant usages for the Internet and so it becomes a natural target for spammers who are looking for the broadest venue for their messages,” Quin said.
He also said that spam trends are cyclical in nature. “In ‘traditional’ formats, they move from one point of interest, election spam, Christmas spam, etc., to another. They do this to maintain interest and so that messaging stays more pertinent. Cycling between social media venues ensures that threats don’t become stale and less effective,” Quin says.
And the spammers may have to cycle to yet another new popular social network, as Google+ has just entered the beta-testing stage. O Murchu said it’s just a matter of time before spam attacks start cropping up in Google+, but it won’t necessarily be too soon. It took a few years before spammers found the best ways to get at Facebook users.
Quin agreed. “Cybercriminals, including spammers, have shown tremendous ability to unearth vulnerabilities and weaknesses that they can exploit. I see nothing in the way the Google develops is applications and capabilities that indicate that it would be any different,” he said.
