Spammers Using Social Networks to Personalize Spam

Social networking is all about making connections with others, but being too social will come back to haunt you. Case in point – a new spam campaign is using information harvested on profiles from Facebook, Google+ and LinkedIn. The spammers hope that by personalizing their emails with the harvested information they will gain the trust of recipients, making them more likely to click on the included links and allow malware to infect their systems. Many of the messages look like they’ve been sent by friends of the recipients, but include only a link and perhaps a brief message asking them to check it out.

How do spammers get this information? Some of them create accounts and start sending out friend requests. Some even steal people’s profile photos and set up a clone account, pretending to be that person in hopes that their friends will send them friend requests. But mostly, they look for people who have foolishly refused to use the privacy tools given to them and leave their profiles set to public, often leaving personal info like phone numbers, addresses and email addresses out in the open for anyone to see.

Protecting accounts is as simple as not accepting friend requests from people you don’t know. For Facebook, activate their login notification tool. It will send you an email every time your account is logged into with important information like location and IP addresses. Yes, this can be annoying if you log in and out often, but it’s worth the minor inconvenience.

Written by Sue Walsh


  1. Lisa S. · February 15, 2013

    Social networks are a golden mine for criminals of all kinds. We are so open and we gladly share stuff that should be private. For instance, it won’t hurt to have a special email account for social networks only. This way even if spammers manage to get it, your important email addresses remain safe. And all the notifications you get – and they can be really a lot, if you are a heavy user of social networks – go to this email without cluttering your primary emails.

  2. Stephanie · February 18, 2013

    This is one of the reasons why I am very protective of my own social networking and social media accounts. I always make sure that I separate my personal and business accounts. With the latter, I usually do my invitations, so I know the people I’m linking to. If I’m being added, meanwhile, I checked their profile, especially our mutual friends. These don’t guarantee I’ll be forever spam free, but so far, they are working. I also make it very clear in both my accounts that I don’t tolerate spam. Anyone who tries to spam me will be automatically deleted in my profile.

  3. Maria · February 20, 2013

    That sounds like a good plan, Lisa, but don’t you think it’s kind of tiring maintaining more than one account? I guess those who don’t open the mail that’s intended for social media will be okay, but I think this is a cause of apprehension for those who regularly check their mails like I do. I have to settle with Stephanie’s move. In fact, I’ve been doing it ever since I’m into social media. Only the open accounts are those intended for promotions, and even they are closely monitored for any kind of spam, suspicious addition, etc.

  4. Alessa Rudolf · February 22, 2013

    I do have another account that’s specifically for social media, and I don’t open it all the time since I still receive private messages in my respective social media accounts, so honestly, I don’t think it’s much of a trouble, Maria. What’s important is that my main e-mail account is protected since that’s the one I use for work, especially closing deals with clients. It definitely has a lot of confidential information I should protect at all costs. I agree with Stephanie. If you want to reduce spam, avoid adding people you hardly know, and when they spam you, get rid of them immediately.

  5. Farrah · May 2, 2013

    Protecting your social network accounts depend largely on the amount of discipline that you have. You have to practice self-control, as well as avoid accepting friend requests from people you do not know. Never mind if he or she is a friend of a friend of a friend. Add or connect only with people you know personally. Also, be wary of accepting invitations (for games and other similar apps) from strangers. You will never know what they have in mind. And like what Alexa said, if your friends start posting or passing spam on your wall, simply delete their posts.

Leave A Reply