Internet users now spend more time on social networks than they do on email**. Recognizing this, spammers have adapted their methods to fit the medium.
"A lot of this spam is cost-per-action spam," says F-Secure Security Advisor Sean Sullivan. "In the old days, adware toolbars were the product, and they had direct affiliates. Now with social networking spam, I’m seeing affiliate networks acting as the middlemen for the product or brand, which allows localization across the globe."
The growth in social networking spam comes both from spam applications and fake profiles.
The applications push viral concepts like the Facebook "Dislike" button, which was tried by 12 percent of Facebook users, or the ability to see who has viewed your profile, tried by 20 percent. Once a user activates a spam application it instantly becomes shared with all of their friends, possibly spreading a scam.
The fake profiles usually employ an image that presents an alluring young female. Often the profiles feature frequent updates and accumulate large friends lists through months of activity before they begin spewing spam, often for adult sites. "There is serious time involved in obtaining 4,000 friends," says Sullivan.
While spam may diminish users’ experience on the site, the majority of Facebook users still feel comfortable. 77 percent said they feel safe on the site at least most of the time. When it comes to security, users worry most about protecting their financial details and their personal reputation or brand. 29 percent are most concerned about identity theft while 28 percent are most troubled by the thought of their Facebook account being hacked.
This suggests that users closely connect their Facebook identity with their real world identity. This connection along with a clean interface and a lack of spam helped Facebook surge past competitors like MySpace.
Facebook has recently taken new steps to eliminate spam, including legal action against alleged spammers, site enhancements like the ability to report comments as spam and a spam filter for business pages.
There are more steps Facebook can take to remove the fake profiles that produce more and more spam. "You cannot easily report a profile as spam," says Sullivan. "Using photo recognition to identify fake profiles could also be helpful, as many of the profile pictures are used again and again."
The best way users can reduce the Facebook spam they encounter is by only friending people they know and trust. "You create your network," Sullivan says. "By keeping the spammers out, you protect your friends and family."
A video with Sean Sullivan and Mikko Hypponen on spam 2.0 is available at YouTube: http://www.youtube.com/fsecurenews#....
*The survey was carried out by F-Secure via SurveyGizmo during October and November of 2010. 363 participants were solicited from around the globe through F-Secure’s Safe and Savvy blog. F-Secure asked respondents a series of questions about how they used Facebook on a daily basis.
**Source, "Digital Life," October 10, 2010, http://discoverdigitallife.com/ [November 25, 2010]
Send this IT news to a friend