Spammers Increase Sophistication in Attacks Against Social Networking Sites

Cyberoam, an online security company, on May 4, 2009, announced its E-mail Threat Report for Q1 2009, according to which, spammers have evolved their social engineering tactics to include greater sophistication in their attacks.

Researchers at Cyberoam said that spammers tricked end-users, visiting social-networking websites such as Twitter, Facebook and MySpace, into giving away their personal information. Knowing that end-users would become upset to find their own scandalous images online, spammers exploited this fear through the dispatch of wall-posts declaring that such images appeared on the mentioned sites, the researchers added.

A still higher grade of sophistication that scammers use is creating bogus Internet pages to dupe end-users. Researchers recalled how Facebook had encountered such attacks during the end week of April 2009, when the spammers sent e-mails to Facebook users that encouraged recipients to click on the given links. However, on clicking them, users were led to a so-called log-in page of Facebook that asked for their log-in particulars.

Similarly, users of Twitter too became spammers' target a number of times when Twitter messages were sent to members that contained funny photos and blog posts of them. Furthermore, security flaws within Twitter such as the TinyURL facility to use short URLs in place of the long ones in order to adjust with Twitter's limit of 140 characters. This implies that users often couldn't discern the destination of the link ahead of clicking.

Abhilash Sonwane, Vice-President of Product Management, Cyberoam said that attackers had yet again confirmed that their activities related to both ends of an attack, the end-user as well as the environment from where the attack took off, as reported by PCWorld on May 4, 2009.

Sonwane further said that the combination of users' emotions and environment flaws proved an effective method to proliferate malicious code attacks. While Cyberoam suggests for safeguards against evolving threats, the company also recommends spread of user-awareness for the effective mitigation of attacks.

In addition, Cyberoam's report also observes that during Q4 2008, there was a 3% increase in loan spam while during Q1 2009, 28% of the total spam related to the world's current economic conditions.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 5/12/2009