According to a report by Commtouch, cybercriminals are not only using Facebook for traditional fraud, like phishing and identity theft, but are also using it as a gray market for building and defrauding affiliate businesses.
Commtouch has published an in-depth analysis of 2011 Facebook attacks within its Internet Threats Trend Report, a year-end synopsis of Internet threats. The report and infographic present a comprehensive analysis of scores of malicious Facebook activities during the past year, as identified by Commtouch Labs.
Affiliate marketing sites are the final destination in three-fourths of all Facebook deceptions, according to the report. Visitors to these sites are induced to fill out surveys that generate affiliate payments for the scammers, victimising legitimate businesses that pay affiliate fees.
Users are induced to click on the scams through social engineering tactics such as free merchandise offers, celebrity news, new (fake) Facebook applications, or simply a trusted friend sending a message stating: ‚You have to see this!‚
After users first click on the scams, malware or malicious scripts are to blame for the further spread of slightly over half the analysed scams, with those falling into three main categories: likejacking, rogue applications, and malware or ‚self-XSS,‚ each of which is described in the report.
In 48% of the cases, unwitting users themselves are responsible for distributing the undesirable content by clicking on ‚like‚ or ‚share‚ buttons.
‚Facebook scammers are out to make money, and affiliate marketing is a rich source,‚ said Amir Lev, Commtouch’s chief technology officer. ‚The same social engineering techniques that malware distributors and spammers have been using for years to induce people to open their unwanted mail or click on malicious links are being leveraged within Facebook and other popular social networks for ill-gotten gains.‚
Besides Facebook threats, the report discusses Web threats, phishing, malware, and spam throughout the year. The content of the report is based on data from Commtouch’s GlobalView Network, which tracks and analyses billions of Internet transactions daily.
The trend report describes the explosion of email-borne malware in the third quarter of 2011 to the highest levels observed in over two years, followed by its subsequent drop to earlier low levels during the fourth quarter. While emails with attached malware subsided to a mere trickle, email messages with malware links hosted on compromised Web sites increased significantly, using themes like pizza delivery notifications and airline itineraries to trick recipients into clicking on the malicious links.
More details, including samples, statistics, and a brief presentation summarising the trend report are available at: http://www.commtouch.com/threat-report- january-2012