Bebo Social Network Targeted By Spammers Again, Tens Of Thousands Of Bogus Accounts Generated Monthly
Bebo, the popular social networking site is currently under spammers attack who automatically registering thousands of bogus accounts advertising fake online pharmacies, with the campaign owners receiving revenue through an affiliate based program. According to Websense Security Labs, Bebo has already been targeted by spammers in July this year and according to MessageLabs, it happened again in October.
The automated registration process is made possible through breaking Bebo’s CAPTCHA in a combination with using bogus email registered in the very same fashion. Direct CAPTCHA breaking or outsourcing the process to humans in order to make such spam campaigns across social networking sites possible, is only going to get more efficient in 2009.
Spammers have found uses for the valid email addresses created on popular trusted free email sites by linking these addresses to accounts created on social networking sites, such as Bebo. According to Trend Micro, a search on Google for “Cialis”, a drug commonly referenced in spam messages, currently reveals two accounts on Bebo in the top-five results returned.
Approximately 30,000 bogus profiles have been generated for October alone. As always, Bebo isn’t targeted exclusively, but in between other social networking sites and blogging platforms, since from a blackhat search engine optimization perspective, the more popular the abused service the higher the visibility and shorter the time frame for search engine crawlers to pick up their bogus content.
The potential for abuse here is enormous, since once the profiles start acquiring traffic, the spammers could and will easily start selling the traffic through a traffic exchange program created exclusively for malicious purposes like redirecting to live exploit URLs, and rogue security software.
Consequently, users of social networking sites are receiving more “buddy” requests from fake profiles wishing to connect. This approach works well because traditional anti-spam solutions are unable to differentiate between these requests and genuine ones. The buddy requests appear genuine as they are from the real social networking site and consequently their headers are intact and correct. Moreover, the email addresses attached to the profiles are also valid, albeit they have been created fraudulently. Often, the only visible clues may sometimes be the random arrangement of letters in the user name portion of the email address.
More on CyberInsecure:
Posts
July 29th, 2009 at 9:49 am
Dear sir,
We are a youth organisation called Colaiste na bhFiann. In the last 2/3 days a bogus page was set up in the name of one of my employees. I have phone the parent of an ex pupil who may have something to do with it. Right now my concern is to get it down. The parent who I spoke to has been very helpful. The status of the site has changed in the last hour to ‘private’. I have screen shots from yesterday and I think the above address is the correct link to the site.
I would be greatful if you could help me out on this issue as the page is defamatory and the content is extremely inappropriate for a person working with young people. At the moment only ‘friends’ can access the page.
Yours sincerely
Caitríona Ní Cheallaigh
Caitríona Ní Cheallaigh
Cathaoirleach Feidhmiúcháín
4 Ardán Clifton,
Baile na Manach,
Co Atha Cliath
July 29th, 2009 at 10:24 am
I would suggest you to send email to Bebo support and ask them to remove the bogus account.