Facebook Attacks Feeding Fraudulent Affiliates

Allison Howen
by Allison Howen 14 Jan, 2012

Most Facebook attacks are feeding fraudulent affiliate marketing sites according to a new report.


The Internet Threats Trend Report from Commtouch reports that affiliate marketing sites are the final destination of 74 percent of all Facebook scams. Visitors to these sites are prompted to fill out surveys that generate affiliate payments for the scammers, which abuses businesses that pay affiliate fees.


Fooled users are encouraged to click on the scams through social engineering tactics, such as free merchandise offers, celebrity news, fake Facebook applications or through messages from friends that say something like "check this out!"


According to the study, these deceptions are being spread through a number of ways. Users willingly click on the like or share button 48 percent of the time, while 52 percent of the time likes and shares are generated through likejacking, scripts and malware. And, if just five friends continually share or like these attacks, it can be spread to 9,765,625 people within a few hours.


"Facebook scammers are out to make money, and affiliate marketing is a rich source," says Amir Lev, Commtouch's chief technology officer. "The same social engineering techniques that malware distributors and spammers have been using for years to induce people to open their unwanted mail or click on malicious links are being leveraged within Facebook and other popular social networks for ill-gotten gains."


And although Facebook has made attempts to block malicious content, users can protect themselves and friends against Facebook attacks by using caution when "liking" or sharing something, being suspicious of offers for free stuff, not following links with generic text, avoiding links that promise a newsworthy scoop and being cautious of the applications they download.