Bebo (“Blog Early, Blog Often”), a social networking site widely used in the US and the UK, is being used by spammers as a new avenue to reach more users. Websense first reported that spammers create Bebo accounts and use their profile pages to advertise spam. Trend Micro Content Security confirms that this is the first time this particular social networking site has been used in this manner in relation to spam.
Figure 1. Sample spam message containing Bebo links.
Figure 2. Bebo profile page advertising medication.
The risk here is that Bebo users might assume that the contents of the profile are legitimate since the link is under the Bebo domain. For Bebo itself, the risk is to its credibility amid the sea of other social networking sites: rampant abuse of profile creation for spamming purposes may compromise Bebo’s reputation. The same is true for other social networking sites that suffer from the same issues of control. This has been a prevalent and currently unresolved problem for sites like MySpace and Facebook.
According to Antispam Engineer Florabel Baetiong, spammers are leveraging social networking sites because these are popular and are considered legitimate Web sites offering free services. If spammers used their own spam domains, antispam outfits could easily take down an entire spamming operation via URL blocking. Spammers instead point users to Bebo profiles in the hopes of evading antispam filters and piggybacking on the site’s legitimacy.
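The difference between blocking a spammer-owned domain and handling links on a shared site can be sketched as a filter rule. This is an added example, not code from Trend Micro or Websense; the blocklist entries, profile paths and sample message are constructed, and it assumes a profile is identified by its URL path.

```python
import re
from urllib.parse import urlsplit

# Assumption: sites where many unrelated users publish pages under one domain.
SHARED_PLATFORMS = {"bebo.com"}

# Constructed blocklist entries (not real indicators).
BLOCKED_DOMAINS = {"cheap-pills.example"}                    # spammer-owned domain
BLOCKED_PAGES = {("bebo.com", "/constructed-spam-profile")}  # one abusive profile

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def site_of(host):
    """Naive registered-domain guess: last two labels, no public-suffix handling."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def verdict(url):
    """Block whole domains the spammer owns, but only single pages on shared sites."""
    parts = urlsplit(url)
    site = site_of(parts.hostname or "")
    if site in SHARED_PLATFORMS:
        # Blocking the whole domain would also block every legitimate profile,
        # so the decision has to be made per page.
        path = parts.path.rstrip("/") or "/"
        return "block-page" if (site, path) in BLOCKED_PAGES else "allow"
    return "block-domain" if site in BLOCKED_DOMAINS else "allow"


def scan(message):
    """Return a verdict for every URL found in a message body."""
    urls = [u.rstrip(".,)") for u in URL_RE.findall(message)]
    return {u: verdict(u) for u in urls}


# Constructed sample message.
SAMPLE = (
    "Meds at http://www.bebo.com/constructed-spam-profile and "
    "http://shop.cheap-pills.example/buy today. "
    "My page: http://www.bebo.com/constructed-normal-profile"
)

if __name__ == "__main__":
    for url, result in scan(SAMPLE).items():
        print(result, url)
```

A filter that only keeps a domain blocklist would pass the first link, since `bebo.com` cannot be listed without blocking every legitimate profile.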
Trend Micro Smart Protection Network recognizes and effectively blocks this threat from ever reaching our users’ inboxes. Non-Trend Micro customers should be aware of this particular mode of attack and should activate antispam filters, if available, in their email applications.