Security Response

Instaspam 2: Electric Boogaloo

Created: 28 Nov 2012 22:14:57 GMT • Updated: 23 Jan 2014 18:11:21 GMT
Satnam Narang

While death and taxes may be certainties in our lives, in the digital world—especially in social networking—one certainty is spam.

I recently wrote about gift card spam targeting the popular photo-sharing application Instagram. The service now has over 100 million users and it recently surpassed Twitter in average daily visitors (Figure 1). As the number of Instagram users continues to increase, we expect to see a corresponding increase in Instagram spam.

Figure 1. Instagram daily visitor growth
 

Cash Rules Everything Around Me (C.R.E.A.M.)

While gift cards work quite well as a lure in social engineering, the promise of cash (through different means) or even fame is a surefire way to attract targets.

Figure 2. Spam comments as lure

In one example, a spammer tries to lure a user by offering movie roles (Figure 2). This spam comment mentions a user account (Figure 3) where details can be found. We have seen something similar before, where spam accounts tag fake promotional accounts as a way of tricking users.

Figure 3. Spam user profile has many followers

The URL provided in the spam user profile (Figure 3) confirms more than 8,000 clicks in just a two-day period (Figure 4).

Figure 4. Instagram spam lure success
 

The distribution of these clicks also confirms that more than 5,000 originated from mobile devices. Most of the security applications designed for smartphones do not block browser-based spam, which is one reason why it is attractive to target these users.
 

Hashtags-a-go-go

Another easy way for scammers to lure targets is to focus on hashtags (words or phrases prefixed with the symbol #). On U.S. Election Day, for example, many users were using #ivoted to show off their “I Voted” stickers. Spammers targeted this popular hashtag with their message (Figure 5).

Figure 5. More spam comments as lure

While the Brenda spam comment (Figure 5) is of a commonly found type, the spam comment from Isabelle is different: she makes no mention of making money from home, nor does she offer anything else to the user. Instead, Isabelle leaves a generic comment.

Figure 6. Curiosity killed the cat? More spam.
 

Once a user visits Isabelle’s profile, it becomes obvious: the account is plugging a work-from-home scheme in the profile bio section (Figure 6).
 

Follow Me Now

Last, but certainly not least, is the allure of attaining more followers. Followers are a key part of any social network and they are just as important on Instagram.

Figure 7. Spam account promises new followers

There are plenty of scams circulating on Instagram about how one can purchase likes and new followers. However, this is the first time I have seen an Instagram scam (Figure 7) that leads users to a survey scam page (Figure 8).

Figure 8. Survey scam targets Instagram users

If you come across spam while using Instagram, you can do your part and report it.

And please remember folks, if it sounds too good to be true, there is a good chance that it is, in fact, too good to be true.