Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":53,"date":"2016-04-24T17:51:56","date_gmt":"2016-04-24T17:51:56","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=53"},"modified":"2019-04-17T12:26:14","modified_gmt":"2019-04-17T12:26:14","slug":"twitter-spam-scams-increasing-in-frequency-complexity","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2016\/04\/24\/twitter-spam-scams-increasing-in-frequency-complexity\/","title":{"rendered":"Twitter Spam Scams Increasing in Frequency, Complexity"},"content":{"rendered":"

$\"dontpanic_2\"$ <\/p>\n

And so it begins. Social media spam isn\u2019t new. In fact, it\u2019s a little like that summer blockbuster movie that everyone anticipates. The spammers are the movie execs, asking \u201chow can we leverage this idea?\u201d The collective social media sites of Web 2.0 are the movie theaters, the delivery mechanism that expect \u2013 nay, count on \u2013 a slew of traffic. IT professionals are the marketing guys who have been hyping it for some time (who among us hasn\u2019t warned an IS Manager or CTO that social media was going to result in a truckload of headaches?). And the general public is, well, the general public. The moviegoers. The (computer) users.<\/p>\n

Just like that summer blockbuster, when the release date finally hits, scores of people see it and just like spam, most of us walk away asking ourselves: why did we pay ten bucks to see that? <\/em>(to make my analogy clear, people ask: why did I click<\/em> that?) In the past few years, social media spam has become an epidemic of\u2026well, epidemic proportions. For the social media giant Facebook, its users, and the IT folks who lose sleep while debating whether to block it from the company WAN, nothing I\u2019ve said here is news; but now, it appears, spam is coming to a Twitter account near you.<\/p>\n

Last week, Christopher Boyd of GFI Labs wrote a revealing blog post entitled \u201cThe cake is a lie,\u201d<\/a> recounting a recent surge in Twitter spam (T-Spam? Twam? SPitter? Thoughts, please. Let\u2019s coin a term!) over last week\u2019s release of Valve Software\u2019s new game, Portal 2. Christopher stated that, \u201ca lot of these spambots were directing users to a “Portal 2 Loader” (hat tip to MrTom<\/a>), which has been downloaded roughly 4,000+ times and appears to be a Portal 2 crack.\u201d Christopher also notes that searches on \u201cPortal 2 Still Alive\u201d are yielding some dubious results, but that at least the search engines are flagging the results as potentially dangerous links. YouTube isn\u2019t any better, with videos offering cracks for the low, low price of completing a survey. Clearly, these are malware-infected sites that should be avoided at all costs, but like Douglas Adams pointed out in The Hitchhiker\u2019s Guide to the Galaxy<\/em>, a big red button can be awfully tempting, even if it\u2019s just sitting there waiting to be pushed.<\/p>\n

Big red buttons come in many different forms (and colors). The Register reports<\/a> that last Tuesday a rogue app began spreading like wildfire, with a survey scam that might be too tempting not<\/em> to click. In this one, a \u2018tweep\u2019 (I use the sneer quotes intentionally; read on) named \u2018Follow Finder 332\u2019 is pushing an app which promises to let users know just who has \u201cunfollowed\u201d them. \u201cIn reality,\u201d The Register reports, clicking the link \u201cdoes nothing but offer up a worthless survey that falsely promises lavish prizes for completing a questionnaire, earning the originators of the scam money in the process from unscrupulous marketing firms.\u201d<\/p>\n

The source tweet preys on our most basic weakness: to know who doesn\u2019t like us (who unfollowed us) and why. Here\u2019s why pushing that \u2018big red button\u2019 is so dangerous: like many websites today, clicking the link will pop up a dialog box asking for permission to access the Twitter account. I\u2019m sure we\u2019ve all done it at some point. Every so often, I\u2019ll retweet an article that I think my followers will find interesting, but those retweets come from relatively safe sites like Yahoo! News, Reuters, or The Register. Unfortunately, we humans are creatures of habit, and this popup looks like every other popup asking for access to the Twitter account. A big red button that\u2019s just too easy to push.<\/p>\n

The source tweet propagates by using trending hash tags on Twitter (in case you were curious, right now #ithurtswhen #becauseoffacebook and #happyeaster are the top 3 trending topics).<\/p>\n

Do you see the problem? \u2018Traditional\u2019 spam \u2013 email spam \u2013 spreads because someone somewhere opted in to a distribution list, whether the list was innocent or not. That\u2019s the \u2018push approach,\u2019 because the spammer is pushing the information out to the distribution list. The Twitter scam uses the \u2018pull approach,\u2019 because the potential target (the Twitter user) is requesting the information (the trending topic) and therefore \u2018pulling\u2019 or asking in a sense, for the spam.<\/p>\n

In a previous paragraph I refer to the Twitter spammer as a \u2018tweep,\u2019 which is in fact what he or she becomes. Following a trending topic means you \u2018follow\u2019 everyone commenting on that topic. With the increasing number of Twitter users, spam like this will not only increase, it potentially has the ability to spread like a rampant virus. The implications are catastrophic.<\/p>\n

Twitter schemes aren\u2019t new, relatively speaking, but this one carries with it the potential to increase in epidemic proportions. As Christopher Boyd pointed out in his blog, most of the content seen on the Portal 2 spam is nonsensical, but since it draws on Portal 2 relevant content, a Twitter user may not realize what they\u2019re doing when they click the link. True, you can\u2019t really<\/em> feel sorry for anyone searching for a crack to a program, but if the rise in spam \u2013 and the numerous Facebook scams \u2013 are any indication of what\u2019s to come, Twitter may be a good choice for a behind the firewall block for those enterprises concerned about the increasing danger of Web 2.0 spam scams.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"