Harmful Web-Links Distributed In Bulk Through Phony Amazon Profiles
Security researchers at Zscaler a cloud security vendor warn that numerous phony Amazon profiles have been identified through which spam links are being advertised that link up with malware-dissemination websites or bogus online pharmacies.
The researchers further state that spammers, for long, have been utilizing phony profiles to distribute spam across those Internet sites which let user-intercommunication. At first these sites were forums but now these are social-networking websites.
Explains senior security researcher Mike Geide at Zscaler, usually whenever a website lets the publication of user-driven content, some exploitation or other has been observed like on Google Code, LastFM, Adobe Groups, etc. Softpedia published this on December 2, 2010.
The same exploitation has been observed on Amazon too since here registered users in addition to trading items, post lists, reviews, recommendations, guides, etc. too. By doing an ordinary web-search for the related domains as well as the taglines used within the phony profiles, one can see that a lot of them exist to solely get these websites to the maximum number of users.
Nonetheless, the most recent spam runs seen on Amazon.com involve phony profiles for exploiting the above the type of community characteristics so that malevolent web-links can be advertised. For example, a particular assault pushes illegal adult material by diverting Web-surfers onto twin websites that certain server hosts which was earlier involved in distributing scarewares and Trojans.
Moreover, Google Groups too are advertising the same websites through spam based on the identical method of phony profiles.
During one more campaign too, numerous bogus Amazon accounts are being utilized for pushing fake prescription drugs that connect with fake Internet pharmacies.
Currently, these pharmacy promoting spammers are attempting at expanding their operations so that revenues may continue to flow, following the shutdown of the affiliate program of the biggest fake pharmacy spam in the world during October beginning (2010).
The security researcher at Zscaler who noticed this has informed Amazon about their website's abuse.
Meanwhile, end-users are cautioned that these websites frequently appear extremely professional that entice users to follow harmful web-links alternatively to buy fake software, hence they must be very careful.
Related article: Harmful spam increased by eight times in Q3
» SPAMfighter News - 16-12-2010