Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Social Media: Still A Popular Hunting Ground for Cyber Criminals

The world of social media, with its wealth of information and volume of potential victims, has remained a popular stomping ground for cyber criminals. While examining the ten most prevalent threat detections for April, GFI Software discovered that Twitter and Facebook were no longer the main sources of material for enterprising scammers.

The world of social media, with its wealth of information and volume of potential victims, has remained a popular stomping ground for cyber criminals. While examining the ten most prevalent threat detections for April, GFI Software discovered that Twitter and Facebook were no longer the main sources of material for enterprising scammers.

“Established sites like Facebook and Twitter have long been a breeding ground for new cyber-attacks, but now we are seeing scammers taking an interest in the popularity of newer sites like Pinterest in order to catch victims off guard and trick them into clicking on something they shouldn’t,” commented GFI’s Senior Threat Researcher Christopher Boyd. 

Cybercriminals Use Social NetworksIn April, Twitter users were targeted with “must-see” tweets containing links that sent the victim to a domain that delivers fake anti-virus software. That particular campaign was followed by a similar one that directed users to domains leveraging the Blackhole Exploit Kit in order to infect the system with various types of malware. Once infected, the system would be pushed off to a secondary location hosting the Windows Antivirus Patch, which is another Rogue AV program.

Also on Twitter, a spam campaign using the account “Pinterestdep” (which was removed prior to GFI’s report being published) claimed to offer Visa gift cards to users willing to provide their opinions about Pinterest. Here at SecurityWeek, we observed this bot in action. After mentioning Pinterest in a message, we were spammed with a link to a survey offering a gift card. To collect, we needed to complete several forms and refer people to do the same.

According to GFI, Scammers also took advantage of Tumblr users who mistakenly entered “Tublr” into their web browser when attempting to access the popular blogging site. The typo eventually led them to a message that claimed the victim had been selected as a “daily winner.” From there, the pattern seen with the Pinterest scam repeated itself.

“With countless studies being released which point to the regularity with which users are visiting their favorite social networking sites, it should come as no surprise that cyber criminals see these sites as prime targets for their attacks as they look to reach as many people as possible,” added Boyd.

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...