I.T. Mate
                                       Extranet
Menu: Home | About | Articles | Blog | Contact Us | Downloads | News | Search | Services | Support

hphosts logo
Services
hpHosts HOSTS file
sGB Hosted Guestbooks
sURL URL redirection
vURL Webpage dissection

Homepages
I.T. Mate
AB Archive
hpHosts Blog
hpHosts Online
Phishing Scams
Product Support
sURL
vURL Online

Friends ...
BugHunter
FSpamlist
Helen Benoist
Wrightway Computers

MVPLogo
Articles

Tuesday 06 November 2007 - Decoding the spam: Social networking scams
Decoding the spam: Social networking scams
By Steven Burn - November 3rd 2007

PromospamUp until recently, the amount of spam I received had dropped dramatically in the second half of this year, to around 2-3,000 a day. That is, until my brother found Wayn.net, meetyourmessenger.co.uk, and all those other annoying social networking site's.

Don't get me wrong, it's not directly my brothers fault, he's just an edgit that didn't know any better. He received an invite to these site's from friends, you know the one's - they tend to ask for your Messenger username and password, in order to either "see who's blocking you" or "invite your friends". Those that claim to offer a service to see who on your friends list, is blocking you, ask for your messenger credentials, then login as you, and claim to simply see, well, who's blocking you, but is that all they're doing?, actually no.

We already know not to give our credentials to any site other than the one they're meant for, thats just common sense, and I just hope those that continue doing so, will learn sooner rather than later. Instead, I'm going to focus on the "invite your friends" type of site's, such as meetyourmessenger.co.uk and the likes.Promospam

The "Meet Your Messenger" terms (thats the page of legalise that these site's know for a fact, no-one ever reads), state quite clearly;

"Please note, that by signing up for MeetYourMessenger and accepting these Terms you acknowledge that an invitation e-mail is sent to your messenger contacts in order to connect all your contacts to your network at MeetYourMessenger. We use your messenger e-mail and password to do this at the moment of your sign up. Afterwards your password will be deleted."

Thats great, they tell you they're going to send their invites to your friends whether you like it or not (hope your friends are more forgiving than I am). What they don't tell you, is that you'll also subject those very same friends to a barrage of spam. Oh and to make matters worse, the chances of them deleting the login credentials you gave them, is slim at best.

Those site's that offer all and sundry for free (e.g. shoppingspreeonus.co.uk, wixawin.com) are just as bad. In the case of wixawin, they'll also make you pay them to charge you. As an example, an alledged competition to win a PS3 states in greyed out legalise;

"The costs of the competition are 1 pound for each text message that you receive and each text message that you send to us (this amount includes a handling fee and technical costs) until you send STOP to 81121"

Fantastic!, hope you don't have a contract phone.
PromospamSo do you actually receive these "offers", or win the so-called "competitions", of course not .... you've got more chance of winning a phone in on telly. No wait, they scam you on that too, how silly of me.

But I've detracted somewhat, so let's get back to these lovely spam mails you receive, with well, more offers. Who's actually responsible for this rubbish? the scammers? nope - the advertisers!. I've received "offers" promoting the likes of myoffers.co.uk, Gala Bingo, Ikea, Asda, Apple, Odeon Cinema, Sainsburys, B&Q, and all the other companies that advertise with these spammy idiots.

But wait, there's a much more sinister side to social scamming, and thats definately something that networking site's such as wayn.net, meetyourmessenger, Windows Live Spaces etc, need to do something about - underage members. To be more precise, thats underage member profiles.

I was investigating a spammer a few days ago, and punched the spammers name into Google to get a little background - what I found disturbed me, the results unfortunately showed the networking site to be allowing literally anyone, to view profiles for under 18's (in this case, the profile was for an 11 year old (the networking site involved has been notified)). You can see why this would be a problem - seems some sites didn't learn from the MySpace debacle.

So whats the point in my writing this article you ask? everyone is probably already aware of this type of thing right? well to use my brother as an example again - this is clearly not the case. If indeed, everyone were aware of the problems of social networking site's, the site's wouldn't exist as no-one would register for them, and as a result, they wouldn't be able to spam your friends list.

Now sure, there are legit site's such as Windows Live Spaces, but these are just as much a problem as the scammy one's like Meet Your Messenger, or Wayn. Aslong as people keep joining them, and aslong as these site's allow people to put personal information and in most cases, questionable photo's (if you're familiar with these site's, you've no doubt seen the under 16 profile adverts so will know to what I am referring) of themselves on the site's, there's going to be a problem.

In short, these site's are a scam - plain and simple. At best you'll simply end up with your friends being spammed to death, at worst (unless you force these site's to make under-age profile's private) you'll be helping paedophiles get their jolly's, and somewhere in the middle, you'll get yours or your friends computers infected.



Additional References

Meet Your Messenger? No.
http://ozlya.blogspot.com/

Be Aware of WAYN.com, 'Where Are You Know? Ltd.'
http://tomvanbrunschot.typepad.com/transformationeconomy/2007/08/be-aware-of-way.html

Web 2.0: Workers See Friend, Employers See Foe
http://www.barracudanetworks.com/ns/news_and_events/news.php?nid=301

'Social surfing' could lose parents millions to ID fraud
http://www.computeractive.co.uk/computing/news/2185327/social-surfing-cost-parents

Rogue Security Applications Being Pushed On Myspace
http://www.vitalsecurity.org/2007/06/rogue-security-applications-being.html

Myspace Outsourcing Security Handling?
http://www.vitalsecurity.org/2007/05/myspace-outsourcing-security-handling.html

Social sites help streamline attacks
http://www.computeractive.co.uk/computing/news/2172984/social-sites-give-away-details

Social networks riddled with malware
http://www.computing.co.uk/vnunet/news/2162095/social-networks-riddled-malware

Teenage networking websites face anti-paedophile investigation
http://www.guardian.co.uk/technology/2006/jul/03/news.childrensservices

Kidshield - Social Networking Sites
http://www.kidshield.eu/kidshield_social_networking_sites.htm


Updated: 07/02/2008 - New reference added


Part 1 | Part 2 | Part 3 | Part 4 | Part 5

<< Back to Articles Discuss this article

Archives: 2003 | 2004 | 2005/6

Sophie Lancaster Foundation

End User Licence Agreement | Help Us | Privacy Policy | Terms of Use
Copyright 1998 - 2016 I.T. Mate - All Rights Reserved