Security Corner

Dec 30 2009   8:00PM GMT

Web 2.0 Security: Spam and Bot Infections

Ken Harthun Ken Harthun Profile: Ken Harthun

On the socials, spam is typically used for plain old advertising, click fraud and bot recruitment. The attackers hijack accounts and use their address books to spread spam, worms, or other malware. In my last post, I told you about how my Twitter account was hijacked to spread spam; fortunately, that spam was relatively innocuous, simply meant to recruit more victims whose accounts could be hijacked. However, it could have been intended for more nefarious purposes; I caught it before it got beyond a few spam tweets.

No one on the socials is immune to this, even security wonks like me. The other day, I fired up Skype and was immediately greeted by “Software Update” who informed me that “WINDOWS REQUIRES IMMEDIATE ATTENTION” and it provided me with a link. Of course, it’s bogus and had I clicked the link, I would probably have been infected with a bot or some other malware.

The same rules that apply to email spam apply to spam posts, comments, tweets, chats, even Skype contact requests. Let me refresh your memory on a few of the important ones:

  1. Don’t accept unsolicited messages from someone you don’t know.
  2. Never click on links in unsolicited messages.
  3. “Hot” girls or guys are NOT looking to meet you–that’s a ploy to get you to click. Don’t!
  4. Your bank will not notify you by email if there is a problem with your account.
  5. Neither will your credit card company.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: