Affiliate Marketing Sites Used In Majority Of 2011 Facebook Scams

Cyber-criminals are no longer just using Facebook for identity theft or phishing scams. Now, they are using the social-networking platform to defraud affiliate businesses, according to security researchers.

Facebook swindlers directed their victims toward affiliate marketing sites in approximately three-quarters of scams in 2011. The in-depth analysis of Facebook scams that proliferated on the site in 2011 was published in Commtouch’s Internet Threats Trend Report.

Survey trap

Unsuspecting users are tricked into clicking on links posted on Facebook that lead to affiliate sites, where they fill out various surveys. The surveys generate affiliate payments for the scammers and wind up costing the legitimate businesses that pay those fees, Commtouch said.

The vast majority, or nearly 74 percent, of Facebook attacks in 2011 were designed to lead users to fraudulent marketing affiliate and survey sites, the report found.

Affiliate marketing was a “rich source” of income for scammers, according to Amir Lev, CTO of Commtouch.

Affiliate sites are a popular form of online marketing to generate user traffic. Businesses pay affiliate sites a fee for referring visitors to their own sites. Popular examples are reward sites where users earn cash or gifts for completing an offer and sending more people to the retailer’s site. When scammers set up affiliate marketing sites, they get a cut of the payments from the original retailer for diverting users to specific sites.

“Legitimate businesses are often defrauded of their affiliate marketing budget by having them included in these pages,” the report found.

Scammers can also harvest any personal data entered in the surveys and use it for identity theft, according to the report.

Criminals generally use one of four main ways to set up their social-engineering tricks, Commtouch researchers found. The most common (36 percent) relied on links, often spammed by friends, promising to show videos of shocking or tragic stories, the report found.

These links proliferate because they tickle people’s curiosity. However, free merchandise offers, such as free airline tickets, a free iPad or even unreleased Facebook phones, were the most common tactic used in the second half of 2011, accounting for 26 percent of the scams analysed in the report.

Users are typically aware that they are sharing these links, but they may think they are being helpful by posting the virus warnings or sharing great deals, the report found.

In the headlines

Sensational headlines after major news events are another effective way to ensnare victims, such as links promising exclusive video footage of Osama bin Laden’s death. Fake applications are also frequently used, such as the “dislike” button or applications that promise to reveal who has been viewing their profiles, the report found.

For criminals, it was not enough just to trick users; they also need to make sure the attacks spread and continue to trap other people, Commtouch said. Most often, in almost half the cases, they tricked users into sharing the links, but they also tricked users into copy-pasting malicious code to trigger a cross-site scripting attack or into downloading malware.

Rogue applications and “like-jacking”, which employs a malicious script on the page to convert any mouse click on the page into a “like” that is also visible to other users, were employed in about a third of the scams.

“In 48 percent of the cases, unwitting users themselves are responsible for distributing the undesirable content by clicking on ‘like’ or ‘share’ buttons,” according to Commtouch.

Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

View Comments

  • Aren't criminals a clever bunch these days? Most criminals can barely spell their own names never mind devise scams like these. That is usually the reason they have to resort to crime in the first place.

  • Good "story"

    Excellent use of the scare-mongering tactic.

    Could easily give Poe or Lovecraft a run for their money.
