THE online hangouts for young and old alike, social networking sites, have also become the new haunt for cyber criminals, according to a recent report by cyber security firm Symantec.
Social networking spam aimed at stealing personal data on Facebook, YouTube and Twitter spiked sharply between April and June this year, the report says. Shantanu Ghosh, managing director (India product operations), Symantec, said the research on these attacks reveals a cyclical pattern.
Each social site witnessed a surge and dip in spam, which then moved on to the next site. The average life span of each spam attack cycle is between 15 and 20 days.
Ghosh said Facebook attacks increased by 28.2 per cent in April, compared to March. YouTube did not face any attacks in March, and therefore showed a 100 per cent increase in attacks in April. In line with the trend observed, attacks on Twitter were higher in March than in April, and thus it saw a 42.1 per cent drop in attacks.
Symantec also monitored about half a million public social networking profiles between February and March 2011. It found that 21 per cent of all the messages posted by 'friends' on the users' walls contained a link pointing to an application, either through a URL-shortening service or by a direct link. Of those, 73 per cent were actually scams or malicious applications.
Some spam samples are seen to be sent through hijacked user accounts and fake accounts created by spammers. They include malicious links that direct users to Websites from where malware is downloaded on the user's system.
According to Symantec's Internet Security Threat Report XVI, two-thirds of malicious links in social networking news feeds used shortened URLs.
How the rogues do it...
Some of the many ways that spammers have leveraged social networks to send spam include fake invitations.
1. Spammers spoof the social network brand and send invitations to join the network. The link in the email, however, redirects to a spam Website. This vector targets all users, regardless of whether they have an account or not.
2. Sometimes a spoofed notification is sent to a social network user, prompting the user to merge the account. In the process, the user is asked for account credentials. Once the accounts have been merged, several friend requests (each containing fake profiles) appear.
Spammers also craft the messages to make them appear as legitimate photo tag/comment notifications. The URL, however, leads to another Website promoting spam.
3. As some social networks allow third party applications, the popular applications have also been a target for spammers. Symantec has observed spam messages promoting ways to beat other players in games used in social network sites.
Various notifications have also been spoofed to spread malware. In one example, spammers sent messages prompting users to download a social network toolbar, which was actually a Trojan.
4. Fake surveys are another ruse used by spammers, who send what looks to be a survey about a social network. Users can be either asked for account credentials, or they can be redirected to a spam Website.
Ghosh said attackers exploit the profile data available on social sites to mount targeted attacks: for example, employment details such as the company a user works for, other colleagues with profiles, and so on.
So the key is to keep your eyes WIDE open for rogues, because you never know from where you might be attacked!
Article Source: Mail Today