LAST-MINUTE PAPER: I looked at the eyes of Diablo and found an army of girls

Vicente Diaz, Kaspersky Lab


The use of social engineering on popular social networks for the propagation of malware and scam campaigns has emerged as the natural successor to the old email-based phishing.

The reasons include a lack of user awareness, implicit trust in other users, the network topology, and countermeasures that are not efficient enough. However, there is a new factor: profiling users in just the same way social networks do, for a more effective targeted scam!

This presentation describes a fraud campaign discovered on Twitter in July 2011 that takes advantage of this new user profiling technique. It analyses all the technical aspects of the campaign and invites reflection on many of the global implications, including potential countermeasures, legal aspects and profit for the fraudsters.

Typically these campaigns fly just below the radar, which is one of the main problems. This may lead to increasing rates of scams in social networks - just like what happened with email fraud over the last decade.

