Tuesday 06 November 2007
- Decoding the spam: Social networking scams
Decoding the spam: Social networking scams
By Steven Burn - November 3rd 2007
Up until recently, the amount of spam I received had dropped dramatically in the second half of this year, to around 2-3,000 a day. That is, until my brother found Wayn.net, meetyourmessenger.co.uk, and all those other annoying social networking site's.
Don't get me wrong, it's not directly my brothers fault, he's just an edgit that didn't know any better. He received an invite to these site's from friends, you know the one's - they tend to ask for your Messenger username and password, in order to either "see who's blocking you" or "invite your friends". Those that claim to offer a service to see who on your friends list, is blocking you, ask for your messenger credentials, then login as you, and claim to simply see, well, who's blocking you, but is that all they're doing?, actually no.
We already know not to give our credentials to any site other than the one they're meant for, thats just common sense, and I just hope those that continue doing so, will learn sooner rather than later. Instead, I'm going to focus on the "invite your friends" type of site's, such as meetyourmessenger.co.uk and the likes.
The "Meet Your Messenger" terms (thats the page of legalise that these site's know for a fact, no-one ever reads), state quite clearly;
"Please note, that by signing up for MeetYourMessenger and accepting these Terms you acknowledge that an invitation e-mail is sent to your messenger contacts in order to connect all your contacts to your network at MeetYourMessenger. We use your messenger e-mail and password to do this at the moment of your sign up. Afterwards your password will be deleted."
Thats great, they tell you they're going to send their invites to your friends whether you like it or not (hope your friends are more forgiving than I am). What they don't tell you, is that you'll also subject those very same friends to a barrage of spam. Oh and to make matters worse, the chances of them deleting the login credentials you gave them, is slim at best.
Those site's that offer all and sundry for free (e.g. shoppingspreeonus.co.uk, wixawin.com) are just as bad. In the case of wixawin, they'll also make you pay them to charge you. As an example, an alledged competition to win a PS3 states in greyed out legalise;
"The costs of the competition are 1 pound for each text message that you receive and each text message that you send to us (this amount includes a handling fee and technical costs) until you send STOP to 81121"
Fantastic!, hope you don't have a contract phone.
So do you actually receive these "offers", or win the so-called "competitions", of course not .... you've got more chance of winning a phone in on telly. No wait, they scam you on that too, how silly of me.
But I've detracted somewhat, so let's get back to these lovely spam mails you receive, with well, more offers. Who's actually responsible for this rubbish? the scammers? nope - the advertisers!. I've received "offers" promoting the likes of myoffers.co.uk, Gala Bingo, Ikea, Asda, Apple, Odeon Cinema, Sainsburys, B&Q, and all the other companies that advertise with these spammy idiots.
But wait, there's a much more sinister side to social scamming, and thats definately something that networking site's such as wayn.net, meetyourmessenger, Windows Live Spaces etc, need to do something about - underage members. To be more precise, thats underage member profiles.
I was investigating a spammer a few days ago, and punched the spammers name into Google to get a little background - what I found disturbed me, the results unfortunately showed the networking site to be allowing literally anyone, to view profiles for under 18's (in this case, the profile was for an 11 year old (the networking site involved has been notified)). You can see why this would be a problem - seems some sites didn't learn from the MySpace debacle.
So whats the point in my writing this article you ask? everyone is probably already aware of this type of thing right? well to use my brother as an example again - this is clearly not the case. If indeed, everyone were aware of the problems of social networking site's, the site's wouldn't exist as no-one would register for them, and as a result, they wouldn't be able to spam your friends list.
Now sure, there are legit site's such as Windows Live Spaces, but these are just as much a problem as the scammy one's like Meet Your Messenger, or Wayn. Aslong as people keep joining them, and aslong as these site's allow people to put personal information and in most cases, questionable photo's (if you're familiar with these site's, you've no doubt seen the under 16 profile adverts so will know to what I am referring) of themselves on the site's, there's going to be a problem.
In short, these site's are a scam - plain and simple. At best you'll simply end up with your friends being spammed to death, at worst (unless you force these site's to make under-age profile's private) you'll be helping paedophiles get their jolly's, and somewhere in the middle, you'll get yours or your friends computers infected.
Meet Your Messenger? No.
Be Aware of WAYN.com, 'Where Are You Know? Ltd.'
Web 2.0: Workers See Friend, Employers See Foe
'Social surfing' could lose parents millions to ID fraud
Rogue Security Applications Being Pushed On Myspace
Myspace Outsourcing Security Handling?
Social sites help streamline attacks
Social networks riddled with malware
Teenage networking websites face anti-paedophile investigation
Kidshield - Social Networking Sites
Updated: 07/02/2008 - New reference added