Followers @ Twitter, Instagram = Security Compromised Social Media Activities were targeted in different ways using Instagram & Blogs reveals Trend Micro Q2 2013, Security Round-up Report

37trend_micro_logoCybercriminals targeted SMBs and marketers who were trying to increase their online presence in second quarter of the year, revealed Trend Micro Q2 2013 Threat round-up report. Influence in social media depends largely on the number of followers an entity has. Cybercriminals created sites which lured users by the idea of acquiring a huge number of followers in a very short amount of time, and with almost no effort at all.

“These sites offer not only followers, but also retweets and likes for particular posts indicated by the customer. The required payment would depend on the number of followers, retweets, or likes preferred. The payment process requires the customer to transact via payment sites like and (for mobile users).In the end, no followers, retweets, or likes is provided to the customer, only the risk of information and money theft,” said Dhanya Thakkar, Managing Director, India & SAARC, Trend Micro.

It is important to note to those who are interested in employing such services that doing so leads to more harm than good. These services either just scam their customers by not delivering their promised service, or actually deliver, but do so through dubious means (usage of malicious scripts or botnets).

Also, as more users manage multiple online accounts, cybercriminals explored means to use this trend to their advantage. They abused popular blogging sites like Tumblr, WordPress, and Blogger to host fake streaming sites of popular summer movies, including Man of Steel, Fast and Furious 6, and Iron Man 3. These attacks abused the use of the SSO approach, which should serve as a reminder to protect online accounts and avoid using weak passwords.

In response to compromise incidents, LinkedIn, Evernote, and Twitter rolled out additional security measures, which notably included two-step verification measures. Instagram scams showed that cybercriminals are targeting SMBs and marketers who wish to increase their online presence. Such scams offer “free followers” or use professional looking sites where they can supposedly buy followers in bulk. The tactic of selling followers is not new though. Cybercriminals simply turned to different avenues outside Twitter and Facebook. Interestingly, this threat appeared while social media sites found ways to monetize the services they offered.