While spam decreased overall in 2011, attacks on social networking sites are increasing.
The continued growth of social networking makes it a natural target for spammers and malware authors. Plus, most social networking sites are trusted and users are more likely to click on a link found on the site or in an email sent by another member of the same network. And best of all for some bad guys, use of social networks allows the spammers and scammers to target specific demographic groups. All this adds to the appeal of social networks for them, and they are constantly finding new techniques to exploit these networks.
A lot of malware directed at social media sites sends links or other information to everyone on the member’s contact list. When people get a message from a friend or family member that says “click on this link” or “view this video”, etc., they may not think twice before acting as requested. At that point, they’ve just been tricked into doing the work of the spammers and scammers for them.
A social networking site we wrote about earlier, Pinterest, has been targeted. Pinterest allows users to share photos and links, and spam is sometimes in the embedded links attached to photos. In at least one case, someone used a non-member’s email account to set up a fake account on Pinterest. The non-member then began to get spam.
For anyone interested in more detailed information, Symantec, a leading internet security firm, in April published “INTERNET SECURITY THREAT REPORT, 2011 Trends”. The report covers spam and malware directed at more than just social media and details ways for individuals and organizations to protect themselves.
One interesting fact noted in this report is they determined that “61% of malicious sites are actually regular Web sites that have been compromised and infected with malicious code.”