Social Spam

April 20, 2012

Being involved in law enforcement for the past 26 years has given me some insight into the criminal element of society. The criminal, although a lazy animal, is very astute to preying upon human behavior, such as curiosity, utilizing the art of “social engineering.” Just like the real world, the cyber criminal is now turning to the same techniques online that prey upon human behavior and cyber habituation. One such social engineering precept is if a message is received from a known “friend,” a user is more likely to click on a link, picture, or video.

When email first became popular, so was the junk mail (spam) that came with it. The goal of spam was to trick us into clicking on a link that pretended to be something else, when in fact it was malware covertly designed to either steal our personal information or take control of our computer.

Today, with the popularity of social networking, we are now seeing an increase in what is being called “social spam.” Recently, Facebook advised that social spam is growing more rapidly than their user base. It is because of this fact that Facebook has created spam-fighting teams that are dedicated full-time to this new threat.

So, how does social spam work?

  • Once malware has been downloaded onto a friend’s computer, Smartphone or tablet, it can allow a criminal to access their Facebook account as if they were the actual owner.
  • Once the criminal takes control of your friend’s computer, they then post a message on your page offering a “free iPad, free iPhone, gift certificates to the iTunes or Android store” or messages you to click on a picture or watch an attached video that you can’t ignore.
  • Once you click on the link, photo, video, or “like button” provided, it then takes you to a second website that asks you to now click on another button to access the photo, video, or gift certificate.
  • It is when you click the button on the new site, that you now unknowingly authorize the downloading of harmful malware onto your computer.
  • This malware now infects your computer, just like your friends, and uses your contacts/friends, your wall, and your profile to continue the fraud.
  • The goal of social spam is to collect as much personal information about the user as possible including email addresses, login information, and social relationship data that can now be exploited. Some malware may also provide a criminal access to other personal information on your computer such as bank account logins or credit card information. What is important to remember is that social spam often allows the criminal to collect personal information about you, so that they can impersonate you online for criminal purposes.

How can we, as social media consumers, minimize the above noted risks?

  • Recognize that “social spam” is now a current threat.
  • If an offer is too good to be true, then it likely is. DON’T click the link.
  • If a post is too enticing, then it likely is. DON’T click on it.
  • If you do click a link, picture, video and it takes you to another website, DON’T click a second time as this will now authorize your computer to download probable malware.
  • Given that so many social networks are being hi-jacked, remember that the friend that you know may not actual be who they say they are. If a friend posts something out of character, it may not be your friend who is posting. Before you click, call your friend and verify, especially when your spider sense is tingling.
  • Don’t friend people who you have never met face-to-face.
  • Ensure that you always keep your computer security updated; make sure you have uploaded current operating system patches, use robust passwords, use file encryption for sensitive files and passwords, utilize current and updated security software, and ensure that you have both software and hardware firewalls in place and that you have encrypted your Wi-Fi.

Digital Food For Thought

Darren Laur

AKA #thewhitehatter

Support The White Hatter Resources

Free resources we provide are supported by you the community!

Lastest News Show

Explosive USB Drives!
Explosive USB Drives!
Twitter No More SMS 2FA for Free – Twitter Blue Only
Twitter No More SMS 2FA for Free – Twitter Blue Only
Facebook Password Flaw - Now Fixed
Facebook Password Flaw - Now Fixed
Scammed by ChatGPT! Darkside of AI
Scammed by ChatGPT! Darkside of AI

Latest Podcast Episode

Latest Blog Post

The White Hatter Presentations & Workshops

Ask Us Anything. Anytime.

Looking to book a program?

Questions, comments, concerns, send us an email! Or we are available on Messenger for Facebook and Instagram

Your subscription could not be saved. Please try again.
Your subscription has been successful.

The White Hatter Newsletter

Subscribe to our newsletter and stay updated.

We use Sendinblue as our marketing platform. By Clicking below to submit this form, you acknowledge that the information you provided will be transferred to Sendinblue for processing in accordance with their terms of use