Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Response

As Snapchat Adds Native Chat Functionality, Expect Spammers to Adapt

Created: 01 May 2014 23:08:41 GMT • Updated: 01 May 2014 23:54:04 GMT
Satnam Narang's picture
+1 1 Vote
Login to vote

Earlier today, photo-messaging application Snapchat unveiled new features that enable users to chat directly within the application, a frequently requested feature. The addition of this feature, while an improvement, provides the individuals responsible for Snapchat spam a new feature to play with in their efforts to target users of the service.

History of Snapchat Spam

Chat Snapchat 1.png

Figure 1. Previous iterations of porn and dating spam on Snapchat

We have written numerous blogs about the rise of Snapchat spam over the last six months. The common thread in each of these spam campaigns was that they were all hindered by the lack of chat functionality. This roadblock presented a challenge to spammers, which led to a common workaround. Each of the spam “snap” messages sent to users featured a caption that asked them to manually perform one of the following actions:

  • Add an attractive girl on Kik messenger
  • Visit a website intended to push diet spam
  • Inform them that they won a gift card or prize that could only be redeemed at an external website

Chat Snapchat 2.png

Figure 2. Previous iterations of diet spam on Snapchat

The Future of Snapchat Spam

Now that the chat functionality is native to Snapchat, spammers can remain within the application itself and tailor their spam to work with this new functionality in mind. They can start building chat bots that communicate directly with Snapchat users or find new ways to trick users into clicking on links.

Restrictions on Sharing Links

Chat Snapchat 3.png

Figure 3. Comparison of sharing links through Snapchat’s “Chat” feature

While spammers can send links within chat messages, the way they appear to the recipient can vary. For messages from non-friends, the links cannot be clicked on. For messages from friends, the links are active and clickable.

Understand that spammers are determined and will find ways to adapt. For instance, a spam campaign could begin with an initial photo message of a scantily clad woman that offers “sexier pictures” if a user adds them as friends to ensure that their links would be clickable as the campaign continues.

Review your privacy settings

Now would be a good time to review your Snapchat privacy settings and make sure that only your friends can send you snaps. Please note that even if you restrict who is allowed to send you snaps, you can still receive friend requests from spammers.

We’re keeping an eye out for new spam campaigns using this new feature and we think you should too. Tweet us @threatintel if you come across new Snapchat spam.