By the AllClear ID Team
Allison here with AllClear ID. Spam, spam, spam. It’s everywhere and no site is safe unless the proper security measures are implemented. Most recently, micro-blogging site – Tumblr – has become a key target for spam campaigns. Some spam on the website are just pranks, but the point of much of this spam is to generate actual profit for the spammers.
“The majority of tactics used on Tumblr and Google Play are similar to those deployed on other popular social networking sites such as Facebook and Pinterest”, said Christopher Boyd, senior threat researcher at GFI Software. “Spammers continue to use surveys and phony prize offers simply because they work. Recycling old tactics minimizes the effort needed on their part, but it also gives users the opportunity to avoid becoming a victim by keeping a sharp eye and watching for tell-tale signs.”
GFI Software, an anti-spam and email security firm, conducted research in May on the most prevalent threat detections. This research found that spam campaigns were abound on Tumblr and Google Play. Although spam has been present on Tumblr since its inception, in the past few months there has been a targeted effort from spammers to drive Tumblr traffic to their sites. Hundreds of thousands of people have had their login credentials stolen.
“The three main types of spam that we regularly encounter on Tumblr are phishing pages, survey scams, and malware installs” Boyd said. “Many of these sites began as generic sites falsely offering ’free gifts‘ in return for personal information or a survey, but are now mimicking legitimate sites like the Tumblr staff blog in order to further fool users into thinking that the offers are real.”
Falling for these traps could mean signing up for monthly billing services, or handing over personal information to third-party marketers. At worst, it could mean loss of control over your Tumblr account and malware/browser plugins could lead to data theft. To avoid falling for these traps Boyd suggested that users do independent research to confirm whether or not the offer is true or a scam.
“Tumblr users should always check the source when they encounter unsolicited offers for free gifts and other prizes. If the content in front of them claims to be from the official Tumblr blog or another seemingly legitimate source they should independently navigate to the legitimate site and find the offer there,” he said. “Spam messages sent directly to your “Ask box” should be viewed with suspicion, and searching for additional information about the offer on your own will quickly confirm if it is a scam.”
For more identity protection stories check out our blog here!
Views expressed are the personal views of the author, and do not represent the views of the National Foundation for Credit Counseling, its employees, its members, or its clients.