Cloud-based Internet security service provider Commtouch reports that about half of all malevolent content on Facebook is propagated by members unknowingly spreading the material to their contacts by clicking the “like” or “share” buttons on posts.
The figure was reported in the Internet Threats Trend Report, the company's year-end analysis of Facebook attacks during 2011.
The report examines how social engineering is used in attack campaigns, how the attacks are designed and carried out, and how the criminals behind the attacks actually profit from the operations.
Around three-fourths of the malicious links identified in the study lead to affiliate marketing sites where victims "are induced to fill out surveys that generate affiliate payments for the scammers, victimizing legitimate businesses that pay affiliate fees".
The use of enticements in these scams plays on people's desire to get something for nothing, a reminder that if something sounds too good to be true, it usually is.
"Users are induced to click on the scams through social engineering tactics such as free merchandise offers, celebrity news, new (fake) Facebook applications, or simply a trusted friend sending a message stating: 'You have to see this!' After users first click on the scams, malware or malicious scripts are to blame for the further spread of slightly over half the analyzed scams, with those falling into three main categories: likejacking, rogue applications, and malware or self-XSS," a press release describing the report noted.
“Facebook scammers are out to make money, and affiliate marketing is a rich source. The same social engineering techniques that malware distributors and spammers have been using for years to induce people to open their unwanted mail or click on malicious links are being leveraged within Facebook and other popular social networks for ill-gotten gains,” said Amir Lev, Commtouch’s chief technology officer.
The Commtouch report also examines other malicious online activity throughout 2011, including spam operations, phishing exploits, and the use of malware by cyber criminals.
More details, including samples, statistics, and a brief presentation summarizing the trend report are available at: http://www.commtouch.com/threat-report-january-2012.