Visitors to Facebook sites are often tricked into filling out surveys that generate affiliate payments for the scammers, victimizing legitimate businesses that pay affiliate fees, according to the company’s 2012 Internet Threats Trend Report.
“There are three stages to these attacks”, explained Avi Turiel, director of product marketing with Commtouch. The first stage is using social engineering to trick the individual user, the second stage is to use the Friends network to spread the attack, and third stage is the payoff, such as increasing visits to an affiliate marketing site, Turiel told Infosecurity.
Facebook users are induced to click on the scams through such social engineering tactics as free merchandise offers, celebrity news, new (fake) Facebook applications, or a “trusted” friend sending a message stating: “You have to see this!”
Malware is to blame for the spread of slightly over half the analyzed scams. In 48% of the cases, unwitting users themselves are responsible for distributing the scam content by clicking on “like” or “share” buttons, according to the report.
Turiel said that Facebook is getting better at detecting and deleting malware and other “bad stuff.” The attack vectors are also being addressed by browsers, he added.
Commtouch expects Facebook attacks to continue in 2012. “I’m sure cybercriminals will surprise us with new methods of attack”, Turiel said.
Besides Facebook threats, the Commtouch report discussed web threats, phishing, malware, and spam. The content of the report is based on data from Commtouch’s GlobalView Network, which tracks and analyzes billions of Internet transactions daily.
The trend report described the explosion of email-borne malware in the third quarter of 2011 to the highest levels observed in over two years, followed by its subsequent drop to earlier low levels during the fourth quarter.
“At the beginning of 2011, I don’t anyone would have predicted how much spam has dropped this year”, Turiel said. He attributed the drop to large botnet takedowns, as well as prosecution of spammers and manufacturers of counterfeit pharmaceuticals.
While emails with attached malware have subsided, email messages with malware links hosted on compromised Web sites increased significantly, using themes like pizza delivery notifications and airline itineraries to trick recipients into clicking on the malicious links, the report found.