Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Social Media: Still A Popular Hunting Ground for Cyber Criminals

The world of social media, with its wealth of information and volume of potential victims, has remained a popular stomping ground for cyber criminals. While examining the ten most prevalent threat detections for April, GFI Software discovered that Twitter and Facebook were no longer the main sources of material for enterprising scammers.

The world of social media, with its wealth of information and volume of potential victims, has remained a popular stomping ground for cyber criminals. While examining the ten most prevalent threat detections for April, GFI Software discovered that Twitter and Facebook were no longer the main sources of material for enterprising scammers.

“Established sites like Facebook and Twitter have long been a breeding ground for new cyber-attacks, but now we are seeing scammers taking an interest in the popularity of newer sites like Pinterest in order to catch victims off guard and trick them into clicking on something they shouldn’t,” commented GFI’s Senior Threat Researcher Christopher Boyd. 

Cybercriminals Use Social NetworksIn April, Twitter users were targeted with “must-see” tweets containing links that sent the victim to a domain that delivers fake anti-virus software. That particular campaign was followed by a similar one that directed users to domains leveraging the Blackhole Exploit Kit in order to infect the system with various types of malware. Once infected, the system would be pushed off to a secondary location hosting the Windows Antivirus Patch, which is another Rogue AV program.

Also on Twitter, a spam campaign using the account “Pinterestdep” (which was removed prior to GFI’s report being published) claimed to offer Visa gift cards to users willing to provide their opinions about Pinterest. Here at SecurityWeek, we observed this bot in action. After mentioning Pinterest in a message, we were spammed with a link to a survey offering a gift card. To collect, we needed to complete several forms and refer people to do the same.

According to GFI, Scammers also took advantage of Tumblr users who mistakenly entered “Tublr” into their web browser when attempting to access the popular blogging site. The typo eventually led them to a message that claimed the victim had been selected as a “daily winner.” From there, the pattern seen with the Pinterest scam repeated itself.

“With countless studies being released which point to the regularity with which users are visiting their favorite social networking sites, it should come as no surprise that cyber criminals see these sites as prime targets for their attacks as they look to reach as many people as possible,” added Boyd.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.