Cybercriminals Imitating Social Networks To Spread Malware

  • By Dian Schaffhauser
  • 05/26/09
##AUTHORSPLIT##<--->

Research by a security product vendor shows that cybercriminals are using domain names that reference popular social networking sites to lure users to fake Web sites. The results of research conducted by Websense, which makes security software, reveals a growing domain-name cloning trend that includes brands like Facebook, MySpace, and Twitter. These sites have no connection to the real sites but are trying to trick unsuspecting users to visit fake Web sites and enter sensitive information or download malicious code.

The Websense Security Labs found more than 150,000 phony copycat sites using the term Facebook and 50,000 using some variation of either MySpace or Twitter in their URLs.

Researchers said hackers appear to be taking steps to create these cloned domains to circumvent security measures put in place by organizations to filter the original domain in a business setting. Many of the domains are proxy avoidance sites that are used to try to evade traditional Web filtering technology.

"These new threats illustrate that attackers will continue to target Facebook, MySpace, and Twitter, along with other social networking sites, for three reasons," said Charles Renert, senior director, advanced content research. "First, these Web sites are popular so fraudsters are able to target lots of victims; second, people trust the content on it because they think it's from other people in their network; and third, they are easy to compromise because they allow anybody to create and post content. Traditional Web filtering isn't enough to protect users from threats on trusted sites and isn't enough to keep up with fraudsters generating new URLs almost instantaneously to avoid detection. Only real-time analysis of Web content can prevent users from being exploited by these attacks."

This isn't the first time Facebook users have been targeted by hackers. In late April, Websense detected a phishing campaign targeting the site. The scam, labeled "FBStarter" by security researchers, redirected users to a phishing page that spoofs Facebook's sign-in page. By entering their user name and password, they unknowingly gave attackers the information necessary to log into their account and spam their friends.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • laptop displaying a red padlock icon sits on a wooden desk with a digital network interface background

    Reports Point to Domain Controllers as Prime Ransomware Targets

    A recent report from Microsoft reinforces warns of the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on the persistent threat of AD compromise.

  • laptop displaying a glowing digital brain and data charts sits on a metal shelf in a well-lit server room with organized network cables and active servers

    Cisco Unveils AI-First Approach to IT Operations

    At its recent Cisco Live 2025 event, Cisco introduced AgenticOps, a transformative approach to IT operations that integrates advanced AI capabilities to enhance efficiency and collaboration across network, security, and application domains.

  • educators seated at a table with a laptop and tablet, against a backdrop of muted geometric shapes

    HMH Forms Educator Council to Inform AI Tool Development

    Adaptive learning company HMH has established an AI Educator Council that brings together teachers, instructional coaches and leaders from school district across the country to help shape its AI solutions.