rediff.com
News APP

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  gplay

Rediff.com  » Business » Beware of these 6 social networking scams!

Beware of these 6 social networking scams!

Last updated on: June 11, 2010 16:27 IST

Image: Spammers get innovative.

A techie recently fell prey to a spammer and lost thousands of rupees from his bank account. And he is not alone, despite many warnings issued to users, scamsters continue spread havoc.

At a time when the gap between the virtual and the real world is thinning down, it is your duty to protect yourself from fraudsters online.

With more people logging on to networking sites, there is a flurry of activity. Spammers are now devising innovative methods to abuse and cheat online users. An Accenture survey has revealed that India has the second-highest number of people (85 per cent) who use social networking at least occasionally.

Global consumers spent more than five and half hours on social networking sites like Facebook and Twitter in December 2009, an 82 per cent increase from the same time last year when users were spending just over three hours on social networking sites, according to The Nielsen Company. In addition, the overall traffic to social networking sites has grown over the last three years.

Cyber criminals are thus exploiting this huge growth. They lure users across social networking sites to open spam email, and steal personal data in order to understand what subjects would tempt the user. If you are not careful about protecting vital information, the loss would be beyond your imagination.

Symantec has listed top 6 ways that spammers leverage social networking sites.

...

Beware of these 6 social networking scams!

Image: Take care while on Twitter.
1. Trojan.Twebot

Symantec has detected a new Trojan botnet creator tool, called "TwitterNet Builder". The threat, called Trojan.Twebot, uses a Twitter account to issue instructions to the Trojans created by the builder. When building Trojan.Twebot, the user is able to supply a public

Twitter account for Trojan. Twebot to follow. As Trojan.Twebot does not try to obfuscate commands on Twitter, it will not be difficult for Twitter security staff to find and close accounts abusing their service in this way.

Botmasters tweet their commands to zombie The threat, called Trojan.Twebot, uses a Twitter account to issue instructions to the Trojansputers, through smart phones

Trojan. Twebot has a number of the usual commands you would expect to see, such as ".DOWNLOAD" to download additional files and ".DDOS" to perform a distributed denial-of-service attack. However, it also has the interesting command ".SAY". This command allows an attacker to get a compromised computer to use the operating system's Text-to-Speech function to read aloud any messages sent by the attacker.

Symantec recreated the attack in a controlled environment (in the lab) to show how Twitter is used as a command-and-control server for Trojan.Twebot and how by using smart phones, attackers can easily issue commands to their botnet.

...

Beware of these 6 social networking scams!

Image: David Beckam.
2. Twitter accounts with celebrity names

Twitter is also increasingly being hijacked for spam, using celebrity names. For example, a Chinese retailer has used David Beckam to push sales , tricking users into believing that the football star is following them.

The credibility of the fake account is bolstered by other fraudulent accounts linking back to it and by cross-following legitimate Twitter accounts, which will probably have been hacked earlier. In this particular case, the false David followed over a thousand accounts with a single common link - the account name contains the word "candid".

This malicious activity is fast becoming common practice nowadays. Attackers are creating Twitter accounts as a vehicle for spam advertising and, sometimes, they even include

So is David Beckham following your tweets? Probably not. Unfortunately, the spammers often succeed because many people allow their curiosity to get the better of them and ...

Beware of these 6 social networking scams!

Image: Pakistani students shout slogans during a protest against Facebook in Lahore.
Photographs: Idrees Boby/Reuters.
3. Facebook toolbar

Spam e-mails have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar. If you download the file by ...

Beware of these 6 social networking scams!

Image: Worm infects users by using social engineering attacks.

4. The Koobface worm

This worm infects users by using social engineering attacks. It spreads by abusing social networking websites or by employing search engine optimisation techniques to lure potential victims to malicious sites.

The infrastructure used by the Koobface gang is relatively simple: a central server redirects victims to one of the infected bots where the social engineering attack takes place. While the central redirection point has been actively targeted by take-down requests, the Koobface gang has so far been quick.

A year has passed since Koobface was first detected; yet, this worm and the people behind it are still very active in keeping their infrastructure up to date, finding new means of propagating the infection, and taking advantage of their victims.

In just three weeks, Symantec observed 17,170 distinct infected IP addresses. Several Indian cities are home to Koobface bots.

...

Beware of these 6 social networking scams!

Image: Be careful about passwords.
5. Don't reset your password

Symantec has witnessed a malicious spam campaign against Facebook, accompanied by a phishing attack. These messages look like an official Facebook invite or password reset confirmation mail. If we place the cursor over the update button in the message, we can actually see the phishing URL in the status bar.

If a user ...

Beware of these 6 social networking scams!

Image: Spam could be from a friend's e-mail id.
6. Is your friend a spammer?

In the past, spammers would register their own accounts and then send unsolicited messages through the social networking site. By default, the site generated automated email to let the user know that there is a new message.

While such notifications are technically legitimate, the user would have most likely considered the messages as spam, due to the unsolicited content. For spammers, this technique had a shortcoming - the message sent to the user was from an unknown person/entity.

Recently, Symantec has observed a rise in a newer technique of social networking site abuse. Symantec has confirmed that this account was not created for spamming purposes. Instead, the sender's account was hijacked and this message was sent to everyone who is "connected" (direct friend, friend of a friend, etc).

If the user navigates to the Web page provided in the message, Bloodhound.PDF.10 tries to load. In the example, the sender was not a direct friend with the user. However, it is highly likely that the user could receive such messages from a direct friend. This could give the user a false sense of confidence, which may lead to malware being installed on the user's machine.

It is a good reminder to all social networking site users that the message really may not be from a friend, even if it is from a friend.