Alerts
BOOKMARK THIS ALERT
digg
|
del.icio.us
|
reddit
newsvine
|
furl
|
technorati
YouTube profiles used in viral marketing campaigns for spam
Date:09.23.2008
Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ ThreatSeeker™ Network has discovered a new spam campaign using YouTube profiles to advertise products and services.
In the past, we have seen user invites sent within YouTube containing URLs to spam sites. Also, we have seen emails sent that spoof YouTube user invites but contain a link directly to the spam site. This time around, spammers and malware authors are combining to send out spoofed YouTube user invites that link to a profile on the legitimate YouTube Web site. The spam link is then advertised on that profile. From a spammer's perspective, the chance of success is increased with such attacks, because they make use of the clean reputation of YouTube services.
Here is a screenshot of some sample spam emails: 
Clicking on the link in the email directs the user to a user (spammer) profile on a legitimate YouTube site. When users visit the profile page, they are encouraged to visit the spammers's advertised domain.
Here is a screenshot of YouTube profiles used for advertising a spam domain: 
Here is a screenshot of the actual spam domain: 
Websense Messaging and Websense Web Security customers are protected against this attack.