Gaming fans run bigger risks of spam and phishing from social networks Wednesday 31 March 2010 PDF Print BitDefender case study reveals that detailed profiles, shared groups and mutual acquaintances give more credibility to fake identities. Social gaming aficionados are exposing themselves to real and present danger of falling victim to fraud and ID theft, according to a study presented by BitDefender at the recent MIT Spam Conference. Today’s entertainment applications available in social networks require users to gather a considerable amount of friends and supporters to play the same game in order to attain higher scores. To achieve this, players have developed channels, groups and fan pages, which facilitate the interaction between them. Spammers and phishers are exploiting this opportunity by using fake profiles and bots that send spam messages. Unlike regular social networking spam, when the users are enticed to add the spammer in their circle of friends, the social gaming-related phony profiles are willingly added by the users as an immediate consequence of their interest in enlarging the supportive players’ community. This makes it almost impossible for the bogus accounts to be automatically suspended, since the spammers’ action does not constitute an abuse. The study also demonstrates that the most successful fake accounts are those miming real profiles, which hold plenty of details and pictures of the user behind. In an acceptance experiment, BitDefender researchers created three honeypot profiles –one without any picture and holding few details, another with an image and some information, and a third with a large amount of data and photos. All three profiles were subscribed to general interest groups. One hour after starting to add people to each profile, the circle of friends enlarged with 23 connections for the first profile, 47 for the second profile and 53 for the third profile. After joining social games groups, the volume of users willing to add unknown people increased drastically. Within 24 hours, 85 users accepted a request from the first profile which they did not know, 108 from the second and 111 from the third. George Petre, BitDefender Threat Intelligence Team Leader and author of the case study, said “Users are more likely to accept spammers in their friends list when they are in a social network than in any other online communication environment.” The security implications are numerous, ranging from the consolidation and increase of the spamming power, data and ID theft, accounts hijacking to malware dissemination. A shortened URL posted without any explanation on each honeypot profile was followed by 24 percent of the friends from the three accounts, even if they did not know who posted it and where it was going. “This fact brings spam and social engineering schemes closer and more effectively to the user than any e-mail spam or scam. Moreover, we have seen that in the social applications environment, users can be easily tricked into adding spammers to their profile. Thus, we recommend social gaming aficionados to use extreme caution before enlarging their circle of friends,” Petre added. The complete case study is available here BitDefender will be participating at Infosecurity Europe 2010, the No. 1 industry event in Europe held on 27th – 29th April in its new venue Earl’s Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk About BitDefender® BitDefender is the creator of one of the industry’s fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention, emerging as the industry’s anti-malware innovator. Every day, BitDefender protects tens of millions of home and corporate users across the globe — giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company’s security solutions press room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware. For more information visit http://www.bitdefender.co.uk Contact: Matthew Hicks Social Media Co-ordinator BitDefender (UK and Ireland) Tel: 0845 130 5096 E-mail: firstname.lastname@example.org Issued by: Mike Ottewell MJO PR for BitDefender UK Tel: 01538 361217 E-mail: email@example.com This press release was distributed by ResponseSource Press Release Wire on behalf of MJO Associates in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit http://pressreleasewire.responsesource.com/about.