View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 13, 2015

Facebook abused to spread spam on BuzzFeed and Huffington Post

Popular news sites appear to be being exploited by hackers.

By Jimmy Nicholls

Hackers are reportedly evading spam filters on Facebook’s popular comment plugin to carry out a "technical support scam" for various operating systems, including Windows and Mac.

Pop culture and sports pieces on BuzzFeed, ESPN and the Huffington Post are being exploited ostensibly to offer free access to streams of films still being shown in the cinema, before the attackers redirect users to a site AdCash, where they are scammed.

To do this hackers present victims with a warning message that their computer is in danger, before offering to supposedly help fix it for them.

Satnam Narang, senior security response manager at Symantec, which uncovered the scheme, wrote online that such technical support scams are not new, but that hackers have recently ditched cold calling as a means of carrying them out.

"Instead, they buy up ads and use scare tactics to convince victims to grant them access to their computers," he said.

"These scare tactics may display a pop-up that claims that a virus has been detected on the compromised computer or device, or that the computer or device’s operating system has crashed."

In a bid to avoid spam filters the attackers are posting messages and inserting links into them five or ten minutes later, whilst also posting marketing for whatever service they are supposedly encouraging users to try.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

The hackers also use phoney Facebook pages to disguise their activity, and are said to be targeting not only Windows computers, but also Mac OS X machines and iPhones.

"If you’re an avid follower or reader of any of these popular websites, watch out for comments advertising anything for free," Narang said.

"Even if people like the posts or leave positive comments about it, more often than not it’s a scam."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU