Jun 11 A Quick Look at Spammers in Social Media
Spammers are nothing if not inventive, and social media sites have given them fertile-and lucrative- ground. The genius in the spam is hiding in plain sight. The best spam is friendly, inviting, and deeply ordinary, exactly like the links that millions of unsuspecting people click every day. At best, the victim clicks through to a benign affiliate site and doesn’t know he’s been scammed. At worst, they unwittingly download a vicious program capable of disabling hard drives, eating data, stealing login information, and hijacking any accounts the PC owner can access.
In the past, spammers were responsible for a huge amount of email spam, much of it in service of pharmaceutical ads and porn. Porn bots also took a toll on chat clients, luring unsuspecting boys with friendly “remember me?” type come-ons. Today’s spammers are more sophisticated and often harder to identify.
Each social media site requires a different approach. On Twitter, fake profiles, usually featuring scantily clad women, join hashtag chats with enticements for posters to click links. The clever ones mimic the content of the chat in some way to appear to be participating in the conversation. In one popular chat recently, more than half the tweets were spam. On Facebook, even clicking the “like” button can be risky. The practice of using likes to spread spam is so prevalent that there’s a term for it – likejacking. “Spammers create as many as 40 percent of the accounts on social-media sites, according to Risher.”
Pinterest, one of the newer entries in the social media sphere, faces a different challenge. Fake accounts pin enticing interest photos with embedded links that lead to unrelated affiliate or malicious sites. Not only does this harm the person who clicks the link, it can also irreparably damage the reputation of the store or manufacturer associated with the hijacked photo.
Another spam angle can be found on sites like fiverr.com. New websites can boost credibility by purchasing fake friends and followers for social networking profiles. Since people tend to trust sites with followings, building a friend list can equal building credibility, at least temporarily. While this may not prove to be a good long-term strategy, slightly shady operations – known as gray-hat in the business – can get a quick boost and result in 50,000 hits, which adds to the spread. And the take.
On Facebook, victims are often easy to spot. Their walls will be full of posts like this:
“W0W I cant believe that you can see vvho is viewing ur proffile I just checked my TOP profile lookers and I am SHOCKED at vvho is viewing my profile! You can also see WHO SEES YOUR PROFILE” or “LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE” –plus a convenient link to click and spread the love. Note the intentional misspellings of red-flag words.
On Twitter, spambots often reply with @ messages containing only links that have been shortened – and as a result, camouflaged. On sites like Pinterest, spam is more difficult to spot because the links are embedded…victims often find out only when they are redirected to a seemingly random site.
How lucrative is social media spam?
According to an article in the Daily Dot, spam can be quite lucrative indeed. After they posted an article about Pinterest spamming, a self-proclaimed affiliate marketer gave some very detailed information, including that he makes up to $2,500 a day with thousands of spambots…and Pinterest has only managed to shut down one. He recanted his story the following day, but the facts of his initial confession check out. Regardless of his personal veracity, the story exposed the scheme and prompted Pinterest to make changes to the program algorithm.
The battle for control
Social media sites spend astronomical amounts of money to combat spammers. Every site has tools for users to report spam and other abuse. In a lawsuit filed in April against two software companies and several individuals, Twitter claimed that it spent $700,000 to combat spam attacks launched by the defendants named. CNet News reports that Facebook and the state of Washington sued spammy advertising company Adscend early this year. The Washington State suit was settled for $100,000, which sounds like a big chunk of change until you read the complaint – that 80% of Adscend’s $1.2 million monthly revenue is generated by Facebook scams. The Facebook suit was also settled and the terms were undisclosed.
Software security company Symantec recently ran an analysis of likejacking schemes on Facebook and found that fully 15% of the 3.5 million video posts on any given day were likejacking attacks. That’s three videos out of every 20.
What You Can Do
The best thing you can do is to report social media spam whenever you see it. Each social network has their own methods for reporting spam, usually as easy as clicking the “report spam” button. For your business, you need to be vigilant about checking alerts for your business name to ensure spammers aren’t giving you a bad name. Your online reputation management (ORM) efforts aren’t just about dissatisfied customers or negative items in the news anymore. You could just have the bad luck of being used for someone else’s schemes to make a quick buck. Sadly, that’s why spam is everyone’s problem…and not just an annoyance.