What’s On Your Mind? - Spammers Continuing to Abuse the Reputation of Social Networking Sites

As the Internet community continues to pay more attention to the reputation of websites and email senders, spammers are doing their best to hide behind well-established and reputable brands. Social networking sites have for some time now been used by spammers in the spam war. As more and more people become connected through social networking sites, it is not unusual to receive notifications of status update or sharing information from your friends. Symantec has recently observed a number of spam attacks claiming to be messages from various social networking sites.

One recent sample attempted to attract the attention of the recipient by using the following tactics:
1.    Claiming to be from a social networking site
2.    Indicating in the Subject line that message was from a social networking site
3.    The message indicated that the recipient had a personal message.

The personal message often indicated that a video of an adult nature was recently made available. A URL link was provided directing the user to a fraudulent site that looked like a well known social networking site. The video was presented, but if the recipient attempted to view the video they were asked to download a new video player that had the name Flash_Adobe11.exe. This “video player” was in fact a piece of malware. Spammers hope that by hiding behind the reputation of this well known social networking site, combined with the adult video element, that it would peak human curiously and propel certain users into taking actions that are not from a security standpoint advisable.