Oh Snap

Snapchat Users Annoyed by Sexts—When They Come from Naked Spammers

Not us. (Photo: Naked Security)

Welcome to the big leagues, Snapchat! This week the photo-sharing app experienced a startup Bar Mitzvah, of sorts, when it was inundated with its first major spam attack.

Unsuspecting users received an explicit snap from someone calling herself named “Honey.Crush9,” inviting them to a sexy Skype conversation. Anyone foolish enough to take the bait ended up with—surprise, surprise!—malware.  Read More


Booting Up: It’s Hardware’s Turn to Shine

(Photo: Blogspot)

Looks like hardware may finally be getting its chance in the sun at SXSW. [New York Times]

TechCrunch spoke to sources who were in the same fraternity with Reggie Brown and Evan Spiegel at Stanford and they corroborated the notion that Mr. Brown came up with the original idea for Snapchat. Winklevii’d. [TechCrunch]

Hey FYI, all those “free gift cards!” texts you were getting were actually spam (just in case you’ve never used a cell phone before). Luckily, the FTC is cracking down on 29 scam artists sending them out. [The Next Web]

Anita Sarkeesian, who became the target of trolls after daring to speak about women in video games, debuted her first episode of “Tropes vs. Women.” [The Daily Dot]

Pandora’s fourth quarter results were better than expected, but its CEO is still stepping down. [AllThingsD]


Some U.S. Government Websites Vulnerable to Spammy Redirects

Not government sanctioned.

Many Americans may instinctively believe there’s little risk in visiting any site that ends with .gov. It’s the government–their sites are secure, right? Apparently not.

Sophos’s NakedSecurity blog reports that spammers have discovered many U.S. sites are vulnerable to a simple exploit that sends the unwary to fake “work-at-home” websites.

The culprit is sloppy coding, which permits something called an open redirect. NakedSecurity demonstrated the ease with which a spammer can construct an open redirect: Read More


Spammers Now Phishing via Google Docs

Not government sanctioned.

In a new SecureList blog post, Kaspersky Lab researcher Vicente Diaz has described a new frontier in a relatively old online scam. Phishers, tired of building fake websites to lure victims into unintentionally giving away email addresses, passwords or even financial information are beginning to use Google Docs to siphon data from the unwary. Read More

Mr. Roboto

Meet Mark V. Shaney, Usenet’s Very Own @Horse_ebooks

Mr. Pike, Mark V Shaney's designer. (Photo: Flickr)

If you’ve spent a significant amount of time on the Internet, you’ve undoubtedly encountered the phenomenon of @Horse_ebooks, a Twitter spam bot that has managed to escape being shuttered by the microblogging service due in part to its weird and wildly popular form of poetry. The bot mines websites for snippets of text and tweets them a few times a day. As Gawker wrote in their oddly compelling investigation of the Russian programmer behind @Horse_ebooks, “The feed’s strangely poetic stream has been embraced like a life-preserver by internet users drowning in a sea of painfully literal SEO headlines and hack Twitter comedians.”

Of course, @Horse_ebooks is not the first bot to scrape texts and present its findings packaged in an entertaining and eerily human way. Before Twitter and before @Horse_ebooks there was Mark V. Shaney, a program that was so good at feigning humanity that it managed to confuse and rile Usenet group users for years. Read More


Spammers Are Why the U.K. Can’t Have Nice Things

Spam. (Photo: flickr.com/arndog)

You’d think once you cleared the political hurdles, open government would be pretty simple: Create a nice portal and upload the stats. Done and done. Well, in the interest of keeping the lines of communication with constituents open, the U.K.’s data.gov included a series of forums where anyone could submit suggestions or comments. And of course, those good efforts were rewarded with, as the BBC reports, a flood of spam advertising faux luxury goods.

A quick perusal of the forums reveals subject lines like “If this were a fairy cheap nfl jerseys” and “The cabin offers ergo baby,” and the body of each post is randomly sprinkled with links to the spammers’ offerings. Project head Antonio Acuña took to the site’s blog to explain that while they do use reCAPTCHA, the program only stops spam generated by software and, somewhat ominously, they suspect that “human intervention is also at play.”

Administrators have closed the comments while they figure out what do to. They’d probably rather be dealing with spammers than Debbie Downer comments like this, though: “I can only describe it as ‘Yes Minister.’ data. Harmless. Unlikely to generate controversy. Unless access is given to the raw data, this quest for knowledge is doomed.” Ouch, Peter.

Spam Wars

Reddit: Ban on Businessweek and The Atlantic Is Temporary

(Source: Flickr.com/kinopix)

Seems like the folks over at Reddit don’t take too kindly to spammers. The Daily Dot reports that at least five news source domains, including some media heavyweights like The Atlantic and Businessweek, have been banned from Reddit. That doesn’t just mean employees at those companies can’t post links–it means that users can’t post links that include atlantic.com or businessweek.com domains. Read More