As Twitter verifies, spam attacks on networks increases

8 Jun 2009

Twitter is moving to launch a verification service to avoid cases of celebrity impersonation. But this is only the tip of the iceberg in terms of social-networking security, as spammers and hackers are targeting services such as Twitter and Facebook.

It was confirmed last week that Tony La Russa, the manager of the St Louis Cardinals Major League Baseball team, was suing Twitter for unspecified damages after an impersonator set up an account in his name and tweeted about dead players.

While the case has been settled with Twitter agreeing to pay La Russa’s legal costs, other famous names who have been targeted by impersonators include Cheryl Cole of Girls Aloud and hip-hop artist Kanye West.

But impersonation is just the tip of the iceberg in terms of security issues arising from social-networking sites.

According to security software firm Symantec, spammers habitually exploit the reputations of brands for their benefit.

As more and more people become connected through social-networking sites, it is no surprise that the trust and reputation earned by these websites is misused by spammers. In the past month, spam attacks have leveraged the burgeoning social-networking brand Twitter for two spam campaigns – ‘Make Money Fast’ (MMF) and dating spam.

In May spam levels rose dramatically, and the McColo shutdown is all but a distant memory with spam levels at approximately 90pc of all email – consistent with the levels observed one year ago.

Old botnets have been brought back online, and new botnets have been created. While the EMEA region continues to be the leading host of zombie computers, Brazil at 16pc continues to own the dubious honour of the No 1 host of active zombie machines.

With impersonation and spam also comes the spectre of phishing for personal details and passwords. Symantec’s June 2009 State of Phishing Report observed that 42pc of phishing URLs were generated using phishing toolkits, an increase of 100pc from the previous month.

Symantec also observed a new trend of phishing attack towards the popular social-networking site Facebook.

More than 98 web-hosting services were used, which accounted for 6pc of all phishing attacks; a decrease of 5pc from the previous month.

By John Kennedy