Want more friends? Just ask!

February 11, 2010 at 8:17 pm (computers, internet, security) (, , , , , )

I had my first ‘spam friend request’ today on Facebook.  Isidra – it was a name I didn’t recognise (obviously) so I had a look at her profile.  Fascinated, I clicked ‘show similar stories’ and ‘older posts’ on her wall … 5 pages of ‘Isidra and X are now friends’ messages!  5 pages!  Oh, and 6 status updates, 3 of which point to a profile on an adult site … and the others along the lines of ‘off to bed’ or ‘having a bath’.  That was it.  No ‘Isidra commented on …’ or ‘Isidra is using (some currently trendy app like FarmVille)’ or ‘Isidra was tagged in a phot’ or anything.

The profile was created on the 3rd of Feb and she now has 120 ‘friends’.  Danah Boyd had a very interesting set of posts on what constitutes a friend on a social network like Facebook (I like the reason that paraphrases as ‘to keep my parents out’!).  But it doesn’t really account for the ‘I have no reason, I just blindly accept friend requests from anyone who asks’ reason.  I mean, just looking at the profile you can see there is something more than a little odd!

I’ve read about clever ruses based around social engineering, where a spammer might examine someone’s list of friends on two social networks and fine a contact who is on one and not the other, and then create a fake profile for them on the other one.  The ‘target’ will accept a friend request on the other social network thinking it is from the friend they already know, but in fact its from the spammer.

In face of the 120 friend requests in 1 week that Isidra managed, I have to wonder why anyone would bother with anything more sophisticated than just asking every profile they come across! I wonder what her hit rate is … how many friend requests she sent out to get those 120.

I haven’t worked out where ‘she’ got my profile from yet, maybe that’s something for another day.  Well good luck to Isidra, and I hope her 120 ‘friends’ don’t suddenly find themselves have to patch up a compromised Facebook profile or clean up a virus infected PC … oh, and I would be slightly wary of that link to that profile on the adult site …

Kevin.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: