Subscribe to DSC Newsletter

The big security issue with social networks is the content posted by members. A new trend has emerged, where bad guys automatically create a large number of accounts via botnets, then grow their networks, and finally post links that are extremely dangerous to click on, reaching a large number of users. Sometimes the dangerous URL's are propagated via email, to all friends or connections, using the mailing client available on the network.

On social networks that encrypt the URL (such as Twitter), unless anti-fraud and link scoring algorithms are being used, the average user has no idea that clicking on a little tiny URL can result in very severe infections by viruses such as Gumblar, Conficker or Reader_s.exe. To compound the issue, the problems might happen more than 6 months after the initial infection, when the virus neutralizes the victim's computer after having stolen all the data including login and passwords.

Sometimes these tiny URL's generate a chain of redirects before landing on the infected server, making fraud detection even more difficult. Social networks not implementing the right anti-fraud technologies create significant risks for their users. On AnalyticBridge, we have implemented solutions to eliminate this problem, using proprietary URL scoring technology.

Views: 230

Reply to This

Replies to This Discussion

Vincent,

I am also beginning to see these tiny URL's show up within non-social media sites, and they look innocent enough. Firefox has some add-ins to deflect some of this such as expanding shortened URL back to their original form, as well as some good java script blockers.

https://addons.mozilla.org/en-US/firefox/

-Ralph Winters
This is definitely a problem. Tweetdeck has a setting that allows you to preview info about a ShortURL before directing you to it. It shows the Story Title, the short URL, and the actual (long) URL etc...
What about well known companies (e.g. Microsoft) sending email messages filled with links that look suspicious? For instance, the message below looks like a real email from Microsoft sent to Microsoft advertisers, however all the clickable URLs have non-Microsoft.com target domains, and are filled with tags - making this message look highly suspicious despite the fact that it is most likely legitimate?

To ensure that you continue to receive Microsoft adCenter communications, please add our domain (@microsoftadvertising.com) to your safe senders list.


http://click.msadvertisingemail.com/?qs=b814176bbba52312c9274c393a8...
View message as webpage


Dear Vincent,


Want to keep up to date with the latest trends, get advice from your peers, share your views with industry experts, or give our product evangelists feedback on product features? Come participate in the
http://click.msadvertisingemail.com/?qs=cbe8607e9cf346c28d4cba08616...
Microsoft Advertising Community.
We’ve improved our site to bring you the best community experience for all things Microsoft Advertising, including adCenter, pubCenter, and industry news. Now it’s even easier to find what you’re looking for—from blog posts and forum discussions to podcasts and videos.
You can also follow
http://click.msadvertisingemail.com/?qs=ec3a7e933dfe881700a772132d4...
MSAdvertising
and
http://click.msadvertisingemail.com/?qs=f372cf013b4a6a37f676fa837eb...
adCenterBlog
on Twitter or become a fan on
http://click.msadvertisingemail.com/?qs=df3231f89ba37f71be7bd2c2829...
Facebook.
No matter how you want to engage with us, you’ll find an array of platforms that let you easily raise important questions and share your great feedback. The result? You’ll acquire deeper mastery of your online campaigns as you help us improve our products and services.


Thank you for using adCenter.


Sincerely,


The Microsoft Advertising Community Team


Please do not reply to this message; it has been sent from an unmonitored address.


To ensure that you continue to receive Microsoft adCenter communications, please add our domain (@microsoftadvertising.com) to your safe senders list.


You are receiving this message from the Microsoft adCenter Program. We hope you find these communications valuable; however, if you would prefer to no longer receive adCenter Member Communications please
http://pages.msadvertisingemail.com/page.aspx?qs=38dfbe491fab00ea68...
click here.
If you choose to opt-out this will not affect any other communications you receive from Microsoft. For information about managing your contact preferences for other Microsoft sites and services, go to the
http://click.msadvertisingemail.com/?qs=48349730893afcb5e36ef1a0df2...
Communication Preferences section of the Microsoft Online
http://click.msadvertisingemail.com/?qs=73386301b4a955c9d4396ca4477...
Privacy Statement.


Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
You raise a good point.

I know that AVG Anti-Virus will not allow you to go all the way to a page if they deem it suspicious. It shows another alert page in the browser that lists it as unsafe. But I'm not sure whether it covers everything.

And Twitter is very good and quick to ban members who create false profiles as a way of spamming people. That is not to say that people cannot still be infected, or slip through the cracks before they are caught. Or that someone who doesn't fit in their "alert rules" might not by-pass the system. I don't know the whole method they are using. But they happen to be quite good in my experience, overall, with catching fraud accounts.

Hmm...however, I just thought of an idea/solution for a program that can be created and marketed to these social networking companies to help them with this problem. Email me for more info/discussion if you're like.
I might also add, there are some URL websites that have become sensitive to this topic too, themselves. And companies like www.shorturl.com now provide previews like this one: http://preview.alturl.com/mp8z which allow the viewer to see an actual view of the entire URL they are being sent to before entering.

In this case (above) the URL is of the following: http://www.businessweek.com/the_thread/blogspotting/archives/2009/0... which is an article I re-published to my Twitter feed just now of my thoughts which were posted for the BusinessWeek Blogspotting Review.

RSS

On Data Science Central

© 2019   AnalyticBridge.com is a subsidiary and dedicated channel of Data Science Central LLC   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service